Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/85434?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "type": "ebuild", "namespace": "www-client", "name": "firefox", "version": "60.2.2", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "60.3.0", "latest_non_vulnerable_version": "137.0.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60724?format=api", "vulnerability_id": "VCID-1gbp-dg93-wud9", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5129.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5129.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84853", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84794", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84817", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84823", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84841", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84838", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84833", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84855", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84758", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84773", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02331", "scoring_system": "epss", "scoring_elements": "0.84792", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5129" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1428947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1428947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4139" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4155" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-09/" }, { "reference_url": "http://www.securityfocus.com/bid/103388", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103388" }, { "reference_url": "http://www.securitytracker.com/id/1040514", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040514" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555129", "reference_id": "1555129", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555129" }, { "reference_url": "https://security.archlinux.org/ASA-201803-22", "reference_id": "ASA-201803-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-22" }, { "reference_url": "https://security.archlinux.org/AVG-663", "reference_id": "AVG-663", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-663" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5129", "reference_id": "CVE-2018-5129", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5129" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06", "reference_id": "mfsa2018-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07", "reference_id": "mfsa2018-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09", "reference_id": "mfsa2018-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0526", "reference_id": "RHSA-2018:0526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0527", "reference_id": "RHSA-2018:0527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0647", "reference_id": "RHSA-2018:0647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0648", "reference_id": "RHSA-2018:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0648" }, { "reference_url": "https://usn.ubuntu.com/3545-1/", "reference_id": "USN-3545-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3545-1/" }, { "reference_url": "https://usn.ubuntu.com/3596-1/", "reference_id": "USN-3596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3596-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5129" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1gbp-dg93-wud9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60720?format=api", "vulnerability_id": "VCID-2wqx-77qd-fbfd", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12386.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12386.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12386", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97252", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97289", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97277", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97284", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97287", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97258", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97263", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97264", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97271", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97272", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97275", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.39099", "scoring_system": "epss", "scoring_elements": "0.97276", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12387" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635451", "reference_id": "1635451", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635451" }, { "reference_url": "https://security.archlinux.org/ASA-201810-6", "reference_id": "ASA-201810-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201810-6" }, { "reference_url": "https://security.archlinux.org/AVG-775", "reference_id": "AVG-775", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-775" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-24", "reference_id": "mfsa2018-24", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2881", "reference_id": "RHSA-2018:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2884", "reference_id": "RHSA-2018:2884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2884" }, { "reference_url": "https://usn.ubuntu.com/3778-1/", "reference_id": "USN-3778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3778-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12386" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2wqx-77qd-fbfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60711?format=api", "vulnerability_id": "VCID-2ybd-wjmm-c7hm", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12370.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12370.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12370", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52261", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52391", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52362", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52401", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52407", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52304", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52331", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52294", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52342", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52392", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00289", "scoring_system": "epss", "scoring_elements": "0.52376", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12370" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595035", "reference_id": "1595035", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595035" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12370" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ybd-wjmm-c7hm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60719?format=api", "vulnerability_id": "VCID-3v78-2fyv-tqht", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12385.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12385.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12385", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18639", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18758", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18711", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18662", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18608", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.1862", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18707", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18845", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18619", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18698", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18753", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632062", "reference_id": "1632062", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632062" }, { "reference_url": "https://security.archlinux.org/ASA-201810-13", "reference_id": "ASA-201810-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201810-13" }, { "reference_url": "https://security.archlinux.org/AVG-782", "reference_id": "AVG-782", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-782" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-22", "reference_id": "mfsa2018-22", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-22" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-23", "reference_id": "mfsa2018-23", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25", "reference_id": "mfsa2018-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2834", "reference_id": "RHSA-2018:2834", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2835", "reference_id": "RHSA-2018:2835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3403", "reference_id": "RHSA-2018:3403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3458", "reference_id": "RHSA-2018:3458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3458" }, { "reference_url": "https://usn.ubuntu.com/3778-1/", "reference_id": "USN-3778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3778-1/" }, { "reference_url": "https://usn.ubuntu.com/3793-1/", "reference_id": "USN-3793-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3793-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12385" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3v78-2fyv-tqht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60741?format=api", "vulnerability_id": "VCID-41zd-qkbf-bucq", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5187.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5187.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5187", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84866", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84854", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84851", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84846", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84867", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84868", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84772", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84787", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84806", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.84808", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02336", "scoring_system": "epss", "scoring_elements": "0.8483", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5187" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12367", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5187" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595039", "reference_id": "1595039", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595039" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201808-8", "reference_id": "ASA-201808-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201808-8" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-751", "reference_id": "AVG-751", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-751" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5187" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-41zd-qkbf-bucq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60712?format=api", "vulnerability_id": "VCID-4ewq-72xf-rfhq", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12371.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12371.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12371", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.6582", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65785", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65795", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65816", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65802", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65772", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65806", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65687", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65737", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65767", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.65732", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12367", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5187" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595036", "reference_id": "1595036", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595036" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201808-8", "reference_id": "ASA-201808-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201808-8" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-751", "reference_id": "AVG-751", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-751" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12371" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ewq-72xf-rfhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60717?format=api", "vulnerability_id": "VCID-6uth-8k3d-7qdj", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12381.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12381.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.7053", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70479", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70522", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70415", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70429", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70446", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70424", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70469", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70485", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70509", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70494", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12381" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625529", "reference_id": "1625529", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625529" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20", "reference_id": "mfsa2018-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21", "reference_id": "mfsa2018-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12381" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6uth-8k3d-7qdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60730?format=api", "vulnerability_id": "VCID-7ksf-b6g3-ukcc", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5155.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5155.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5155", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86409", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86359", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86378", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86388", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86401", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.864", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86394", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86411", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86416", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86329", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.8634", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86358", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5155" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1448774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1448774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4209" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-11/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-12/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-13/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-13/" }, { "reference_url": "http://www.securityfocus.com/bid/104136", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104136" }, { "reference_url": "http://www.securitytracker.com/id/1040896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040896" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257", "reference_id": "1576257", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257" }, { "reference_url": "https://security.archlinux.org/ASA-201805-10", "reference_id": "ASA-201805-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-10" }, { "reference_url": "https://security.archlinux.org/ASA-201805-21", "reference_id": "ASA-201805-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-21" }, { "reference_url": "https://security.archlinux.org/AVG-693", "reference_id": "AVG-693", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-693" }, { "reference_url": "https://security.archlinux.org/AVG-707", "reference_id": "AVG-707", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-707" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155", "reference_id": "CVE-2018-5155", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11", "reference_id": "mfsa2018-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12", "reference_id": "mfsa2018-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13", "reference_id": "mfsa2018-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1725", "reference_id": "RHSA-2018:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1726", "reference_id": "RHSA-2018:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1726" }, { "reference_url": "https://usn.ubuntu.com/3645-1/", "reference_id": "USN-3645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3645-1/" }, { "reference_url": "https://usn.ubuntu.com/3660-1/", "reference_id": "USN-3660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3660-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5155" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7ksf-b6g3-ukcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60703?format=api", "vulnerability_id": "VCID-89t2-wzrw-nycq", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12362.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12362.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12362", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01902", "scoring_system": "epss", "scoring_elements": "0.83277", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01902", "scoring_system": "epss", "scoring_elements": "0.83241", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01902", "scoring_system": "epss", "scoring_elements": "0.83245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01902", "scoring_system": "epss", "scoring_elements": "0.83251", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01902", "scoring_system": "epss", "scoring_elements": "0.83175", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01902", "scoring_system": "epss", "scoring_elements": "0.83235", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01902", "scoring_system": "epss", "scoring_elements": "0.83228", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01902", "scoring_system": "epss", "scoring_elements": "0.83204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01902", "scoring_system": "epss", "scoring_elements": "0.83205", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01902", "scoring_system": "epss", "scoring_elements": "0.83191", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03139", "scoring_system": "epss", "scoring_elements": "0.86901", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03139", "scoring_system": "epss", "scoring_elements": "0.869", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595027", "reference_id": "1595027", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595027" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201807-4", "reference_id": "ASA-201807-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-4" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-728", "reference_id": "AVG-728", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-728" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18", "reference_id": "mfsa2018-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2112", "reference_id": "RHSA-2018:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2113", "reference_id": "RHSA-2018:2113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2251", "reference_id": "RHSA-2018:2251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2252", "reference_id": "RHSA-2018:2252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2252" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" }, { "reference_url": "https://usn.ubuntu.com/3714-1/", "reference_id": "USN-3714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12362" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-89t2-wzrw-nycq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60701?format=api", "vulnerability_id": "VCID-a79m-8sp3-v3dh", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12360.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12360.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02012", "scoring_system": "epss", "scoring_elements": "0.83738", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02012", "scoring_system": "epss", "scoring_elements": "0.83703", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02012", "scoring_system": "epss", "scoring_elements": "0.83708", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02012", "scoring_system": "epss", "scoring_elements": "0.83714", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02012", "scoring_system": "epss", "scoring_elements": "0.83638", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02012", "scoring_system": "epss", "scoring_elements": "0.83698", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02012", "scoring_system": "epss", "scoring_elements": "0.83691", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02012", "scoring_system": "epss", "scoring_elements": "0.83667", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02012", "scoring_system": "epss", "scoring_elements": "0.83665", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02012", "scoring_system": "epss", "scoring_elements": "0.83651", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03316", "scoring_system": "epss", "scoring_elements": "0.87275", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03316", "scoring_system": "epss", "scoring_elements": "0.87281", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595025", "reference_id": "1595025", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595025" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201807-4", "reference_id": "ASA-201807-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-4" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-728", "reference_id": "AVG-728", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-728" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18", "reference_id": "mfsa2018-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2112", "reference_id": "RHSA-2018:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2113", "reference_id": "RHSA-2018:2113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2251", "reference_id": "RHSA-2018:2251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2252", "reference_id": "RHSA-2018:2252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2252" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" }, { "reference_url": "https://usn.ubuntu.com/3714-1/", "reference_id": "USN-3714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12360" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a79m-8sp3-v3dh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60731?format=api", "vulnerability_id": "VCID-adfd-zkn8-3fgd", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5156.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5156.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86836", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86812", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86822", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86833", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86837", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86756", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86767", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86786", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86783", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86803", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12367", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5187" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595037", "reference_id": "1595037", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595037" }, { "reference_url": "https://security.archlinux.org/ASA-201808-8", "reference_id": "ASA-201808-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201808-8" }, { "reference_url": "https://security.archlinux.org/AVG-751", "reference_id": "AVG-751", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-751" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2112", "reference_id": "RHSA-2018:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2113", "reference_id": "RHSA-2018:2113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2113" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5156" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-adfd-zkn8-3fgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60698?format=api", "vulnerability_id": "VCID-bccq-jn4j-8qd8", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89177", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89164", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89112", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89167", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89171", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89161", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89155", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.8912", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89138", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04526", "scoring_system": "epss", "scoring_elements": "0.89135", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07687", "scoring_system": "epss", "scoring_elements": "0.91923", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.07687", "scoring_system": "epss", "scoring_elements": "0.91926", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16541" }, { "reference_url": "https://blog.torproject.org/tor-browser-709-released", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.torproject.org/tor-browser-709-released" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1412081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1412081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://trac.torproject.org/projects/tor/ticket/24052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://trac.torproject.org/projects/tor/ticket/24052" }, { "reference_url": "https://www.bleepingcomputer.com/news/security/tormoil-vulnerability-leaks-real-ip-address-from-tor-browser-users/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.bleepingcomputer.com/news/security/tormoil-vulnerability-leaks-real-ip-address-from-tor-browser-users/" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4327" }, { "reference_url": "https://www.wearesegment.com/research/tormoil-torbrowser-unspecified-critical-security-vulnerability/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.wearesegment.com/research/tormoil-torbrowser-unspecified-critical-security-vulnerability/" }, { "reference_url": "http://www.securityfocus.com/bid/101665", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101665" }, { "reference_url": "http://www.securitytracker.com/id/1041610", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041610" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510816", "reference_id": "1510816", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510816" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:torproject:tor:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16541", "reference_id": "CVE-2017-16541", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16541" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20", "reference_id": "mfsa2018-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21", "reference_id": "mfsa2018-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25", "reference_id": "mfsa2018-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2692", "reference_id": "RHSA-2018:2692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2693", "reference_id": "RHSA-2018:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3403", "reference_id": "RHSA-2018:3403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3458", "reference_id": "RHSA-2018:3458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3458" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2017-16541" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bccq-jn4j-8qd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60706?format=api", "vulnerability_id": "VCID-bfdm-fkfv-nfch", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12365.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12365.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12365", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02054", "scoring_system": "epss", "scoring_elements": "0.83915", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02054", "scoring_system": "epss", "scoring_elements": "0.83881", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02054", "scoring_system": "epss", "scoring_elements": "0.83885", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02054", "scoring_system": "epss", "scoring_elements": "0.83892", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02054", "scoring_system": "epss", "scoring_elements": "0.83815", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02054", "scoring_system": "epss", "scoring_elements": "0.83875", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02054", "scoring_system": "epss", "scoring_elements": "0.83869", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02054", "scoring_system": "epss", "scoring_elements": "0.83846", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02054", "scoring_system": "epss", "scoring_elements": "0.83844", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02054", "scoring_system": "epss", "scoring_elements": "0.83828", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595030", "reference_id": "1595030", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595030" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201807-4", "reference_id": "ASA-201807-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-4" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-728", "reference_id": "AVG-728", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-728" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18", "reference_id": "mfsa2018-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2112", "reference_id": "RHSA-2018:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2113", "reference_id": "RHSA-2018:2113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2251", "reference_id": "RHSA-2018:2251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2252", "reference_id": "RHSA-2018:2252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2252" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" }, { "reference_url": "https://usn.ubuntu.com/3714-1/", "reference_id": "USN-3714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12365" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bfdm-fkfv-nfch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60743?format=api", "vulnerability_id": "VCID-csm4-qspw-83da", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5188.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5188.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03029", "scoring_system": "epss", "scoring_elements": "0.86662", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03029", "scoring_system": "epss", "scoring_elements": "0.86649", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03029", "scoring_system": "epss", "scoring_elements": "0.86656", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03029", "scoring_system": "epss", "scoring_elements": "0.86658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03029", "scoring_system": "epss", "scoring_elements": "0.86586", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03029", "scoring_system": "epss", "scoring_elements": "0.86644", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03029", "scoring_system": "epss", "scoring_elements": "0.86635", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03029", "scoring_system": "epss", "scoring_elements": "0.86596", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03029", "scoring_system": "epss", "scoring_elements": "0.86615", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04947", "scoring_system": "epss", "scoring_elements": "0.89658", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04947", "scoring_system": "epss", "scoring_elements": "0.89665", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5188" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595040", "reference_id": "1595040", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595040" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201807-4", "reference_id": "ASA-201807-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-4" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-728", "reference_id": "AVG-728", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-728" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18", "reference_id": "mfsa2018-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2112", "reference_id": "RHSA-2018:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2113", "reference_id": "RHSA-2018:2113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2251", "reference_id": "RHSA-2018:2251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2252", "reference_id": "RHSA-2018:2252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2252" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" }, { "reference_url": "https://usn.ubuntu.com/3714-1/", "reference_id": "USN-3714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3714-1/" }, { "reference_url": "https://usn.ubuntu.com/3749-1/", "reference_id": "USN-3749-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3749-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5188" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-csm4-qspw-83da" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60728?format=api", "vulnerability_id": "VCID-d4bx-x9pb-8kfx", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5150.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5150.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5150", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88312", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88315", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88246", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88302", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.8831", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.883", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88294", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88274", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88269", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88254", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5150" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1388020%2C1433609%2C1409440%2C1448705%2C1451376%2C1452202%2C1444668%2C1393367%2C1411415%2C1426129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1388020%2C1433609%2C1409440%2C1448705%2C1451376%2C1452202%2C1444668%2C1393367%2C1411415%2C1426129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4209" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-11/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-12/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-13/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-13/" }, { "reference_url": "http://www.securityfocus.com/bid/104136", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104136" }, { "reference_url": "http://www.securitytracker.com/id/1040896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040896" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250", "reference_id": "1576250", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250" }, { "reference_url": "https://security.archlinux.org/ASA-201805-10", "reference_id": "ASA-201805-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-10" }, { "reference_url": "https://security.archlinux.org/ASA-201805-21", "reference_id": "ASA-201805-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-21" }, { "reference_url": "https://security.archlinux.org/AVG-693", "reference_id": "AVG-693", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-693" }, { "reference_url": "https://security.archlinux.org/AVG-707", "reference_id": "AVG-707", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-707" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150", "reference_id": "CVE-2018-5150", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11", "reference_id": "mfsa2018-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12", "reference_id": "mfsa2018-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13", "reference_id": "mfsa2018-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1725", "reference_id": "RHSA-2018:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1726", "reference_id": "RHSA-2018:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1726" }, { "reference_url": "https://usn.ubuntu.com/3645-1/", "reference_id": "USN-3645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3645-1/" }, { "reference_url": "https://usn.ubuntu.com/3660-1/", "reference_id": "USN-3660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3660-1/" }, { "reference_url": "https://usn.ubuntu.com/3688-1/", "reference_id": "USN-3688-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3688-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5150" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d4bx-x9pb-8kfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60734?format=api", "vulnerability_id": "VCID-ewqm-puf8-hkbv", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5168.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5168.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.7737", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77327", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77336", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77363", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77343", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77339", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77379", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77378", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77281", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77287", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77315", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01032", "scoring_system": "epss", "scoring_elements": "0.77297", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5168" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1449548", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1449548" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4209" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-11/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-12/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-13/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-13/" }, { "reference_url": "http://www.securityfocus.com/bid/104136", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104136" }, { "reference_url": "http://www.securitytracker.com/id/1040896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040896" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269", "reference_id": "1576269", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269" }, { "reference_url": "https://security.archlinux.org/ASA-201805-10", "reference_id": "ASA-201805-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-10" }, { "reference_url": "https://security.archlinux.org/ASA-201805-21", "reference_id": "ASA-201805-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-21" }, { "reference_url": "https://security.archlinux.org/AVG-693", "reference_id": "AVG-693", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-693" }, { "reference_url": "https://security.archlinux.org/AVG-707", "reference_id": "AVG-707", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-707" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168", "reference_id": "CVE-2018-5168", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11", "reference_id": "mfsa2018-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12", "reference_id": "mfsa2018-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13", "reference_id": "mfsa2018-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1725", "reference_id": "RHSA-2018:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1726", "reference_id": "RHSA-2018:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1726" }, { "reference_url": "https://usn.ubuntu.com/3645-1/", "reference_id": "USN-3645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3645-1/" }, { "reference_url": "https://usn.ubuntu.com/3660-1/", "reference_id": "USN-3660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3660-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5168" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewqm-puf8-hkbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60725?format=api", "vulnerability_id": "VCID-eyaw-nzuh-8ue2", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5130.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5130.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5130", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78562", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78539", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78565", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78546", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78538", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78566", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78488", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78494", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78524", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78508", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78534", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5130" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1433005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1433005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4139" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-07/" }, { "reference_url": "http://www.securityfocus.com/bid/103388", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103388" }, { "reference_url": "http://www.securitytracker.com/id/1040514", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040514" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555130", "reference_id": "1555130", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555130" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5130", "reference_id": "CVE-2018-5130", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5130" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06", "reference_id": "mfsa2018-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07", "reference_id": "mfsa2018-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0526", "reference_id": "RHSA-2018:0526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0527", "reference_id": "RHSA-2018:0527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0527" }, { "reference_url": "https://usn.ubuntu.com/3596-1/", "reference_id": "USN-3596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3596-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5130" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eyaw-nzuh-8ue2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60716?format=api", "vulnerability_id": "VCID-f4pn-vjxk-ybfx", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12379.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12379.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12379", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26943", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27097", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27053", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27005", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26979", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27111", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27152", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27188", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2698", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27048", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27094", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625528", "reference_id": "1625528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625528" }, { "reference_url": "https://security.archlinux.org/ASA-201810-13", "reference_id": "ASA-201810-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201810-13" }, { "reference_url": "https://security.archlinux.org/AVG-782", "reference_id": "AVG-782", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-782" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20", "reference_id": "mfsa2018-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21", "reference_id": "mfsa2018-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25", "reference_id": "mfsa2018-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2692", "reference_id": "RHSA-2018:2692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2693", "reference_id": "RHSA-2018:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3403", "reference_id": "RHSA-2018:3403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3458", "reference_id": "RHSA-2018:3458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3458" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12379" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f4pn-vjxk-ybfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60702?format=api", "vulnerability_id": "VCID-f79a-dxkf-8yeu", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12361.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12361.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12361", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78679", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78652", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78658", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78683", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78664", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78656", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78685", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78607", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78614", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78645", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0117", "scoring_system": "epss", "scoring_elements": "0.78626", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12367", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5187" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595026", "reference_id": "1595026", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595026" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201808-8", "reference_id": "ASA-201808-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201808-8" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-751", "reference_id": "AVG-751", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-751" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12361" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f79a-dxkf-8yeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60726?format=api", "vulnerability_id": "VCID-fcvd-rpmu-1ygk", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5131.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5131.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79617", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79609", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79593", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79585", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79615", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79614", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79536", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79542", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79565", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79552", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.7958", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01281", "scoring_system": "epss", "scoring_elements": "0.79588", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5131" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1440775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1440775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4139" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-07/" }, { "reference_url": "http://www.securityfocus.com/bid/103388", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103388" }, { "reference_url": "http://www.securitytracker.com/id/1040514", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040514" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555131", "reference_id": "1555131", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555131" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5131", "reference_id": "CVE-2018-5131", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5131" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06", "reference_id": "mfsa2018-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07", "reference_id": "mfsa2018-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0526", "reference_id": "RHSA-2018:0526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0527", "reference_id": "RHSA-2018:0527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0527" }, { "reference_url": "https://usn.ubuntu.com/3596-1/", "reference_id": "USN-3596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3596-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5131" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fcvd-rpmu-1ygk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60714?format=api", "vulnerability_id": "VCID-gr1m-pdaw-a3h1", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12377.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12377.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12377", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86836", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86822", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86833", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86837", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86756", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86767", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86786", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86783", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86803", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86812", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625526", "reference_id": "1625526", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625526" }, { "reference_url": "https://security.archlinux.org/ASA-201810-13", "reference_id": "ASA-201810-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201810-13" }, { "reference_url": "https://security.archlinux.org/AVG-782", "reference_id": "AVG-782", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-782" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20", "reference_id": "mfsa2018-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21", "reference_id": "mfsa2018-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25", "reference_id": "mfsa2018-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2692", "reference_id": "RHSA-2018:2692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2693", "reference_id": "RHSA-2018:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3403", "reference_id": "RHSA-2018:3403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3458", "reference_id": "RHSA-2018:3458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3458" }, { "reference_url": "https://usn.ubuntu.com/3761-1/", "reference_id": "USN-3761-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3761-1/" }, { "reference_url": "https://usn.ubuntu.com/3793-1/", "reference_id": "USN-3793-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3793-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12377" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gr1m-pdaw-a3h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60727?format=api", "vulnerability_id": "VCID-gr47-gb4n-87an", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5144.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5144.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5144", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05728", "scoring_system": "epss", "scoring_elements": "0.90452", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05728", "scoring_system": "epss", "scoring_elements": "0.90419", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05728", "scoring_system": "epss", "scoring_elements": "0.90433", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05728", "scoring_system": "epss", "scoring_elements": "0.90439", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05728", "scoring_system": "epss", "scoring_elements": "0.90447", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05728", "scoring_system": "epss", "scoring_elements": "0.90455", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05728", "scoring_system": "epss", "scoring_elements": "0.90454", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05728", "scoring_system": "epss", "scoring_elements": "0.90399", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05728", "scoring_system": "epss", "scoring_elements": "0.90403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05728", "scoring_system": "epss", "scoring_elements": "0.90415", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5144" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1440926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1440926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4139" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4155" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-09/" }, { "reference_url": "http://www.securityfocus.com/bid/103384", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103384" }, { "reference_url": "http://www.securitytracker.com/id/1040514", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040514" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555132", "reference_id": "1555132", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555132" }, { "reference_url": "https://security.archlinux.org/ASA-201803-22", "reference_id": "ASA-201803-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-22" }, { "reference_url": "https://security.archlinux.org/AVG-663", "reference_id": "AVG-663", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-663" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5144", "reference_id": "CVE-2018-5144", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5144" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07", "reference_id": "mfsa2018-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09", "reference_id": "mfsa2018-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0526", "reference_id": "RHSA-2018:0526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0527", "reference_id": "RHSA-2018:0527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0647", "reference_id": "RHSA-2018:0647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0648", "reference_id": "RHSA-2018:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0648" }, { "reference_url": "https://usn.ubuntu.com/3545-1/", "reference_id": "USN-3545-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3545-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5144" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gr47-gb4n-87an" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60699?format=api", "vulnerability_id": "VCID-gw8k-uktt-1qft", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12358.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12358.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12358", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51939", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52076", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52049", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52089", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52095", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51987", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52013", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.51979", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52033", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52031", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52083", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52066", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12358" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595023", "reference_id": "1595023", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595023" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12358" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gw8k-uktt-1qft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60710?format=api", "vulnerability_id": "VCID-h34x-5zq6-73a3", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12369.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12369.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12369", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68278", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68281", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68247", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68287", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68298", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68187", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68208", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68226", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68202", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68253", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68268", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00559", "scoring_system": "epss", "scoring_elements": "0.68293", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12369" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595034", "reference_id": "1595034", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595034" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12369" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h34x-5zq6-73a3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60707?format=api", "vulnerability_id": "VCID-j7j8-g9du-mqfz", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12366.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12366.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12366", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77805", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77749", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77733", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77761", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77766", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77776", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77812", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77811", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77716", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01075", "scoring_system": "epss", "scoring_elements": "0.77722", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595031", "reference_id": "1595031", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595031" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201807-4", "reference_id": "ASA-201807-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-4" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-728", "reference_id": "AVG-728", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-728" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18", "reference_id": "mfsa2018-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2112", "reference_id": "RHSA-2018:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2113", "reference_id": "RHSA-2018:2113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2251", "reference_id": "RHSA-2018:2251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2252", "reference_id": "RHSA-2018:2252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2252" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" }, { "reference_url": "https://usn.ubuntu.com/3714-1/", "reference_id": "USN-3714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12366" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j7j8-g9du-mqfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60721?format=api", "vulnerability_id": "VCID-jjs1-hz7p-fke6", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.96891", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.96937", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.96922", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.96929", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.96933", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.96898", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.96903", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.96907", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.96916", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.96917", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.33401", "scoring_system": "epss", "scoring_elements": "0.9692", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12387" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635452", "reference_id": "1635452", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635452" }, { "reference_url": "https://security.archlinux.org/ASA-201810-6", "reference_id": "ASA-201810-6", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201810-6" }, { "reference_url": "https://security.archlinux.org/AVG-775", "reference_id": "AVG-775", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-775" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-24", "reference_id": "mfsa2018-24", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-24" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2881", "reference_id": "RHSA-2018:2881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2884", "reference_id": "RHSA-2018:2884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2884" }, { "reference_url": "https://usn.ubuntu.com/3778-1/", "reference_id": "USN-3778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3778-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12387" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jjs1-hz7p-fke6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60733?format=api", "vulnerability_id": "VCID-jtrv-jyme-sybh", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5159.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5159.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.97206", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.97177", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.97187", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.97188", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.97192", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.97193", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.97201", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.97203", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.97164", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.9717", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.37556", "scoring_system": "epss", "scoring_elements": "0.97176", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5159" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1441941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1441941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4209" }, { "reference_url": "https://www.exploit-db.com/exploits/44759/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/44759/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-11/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-12/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-13/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-13/" }, { "reference_url": "http://www.securityfocus.com/bid/104136", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104136" }, { "reference_url": "http://www.securitytracker.com/id/1040896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040896" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260", "reference_id": "1576260", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260" }, { "reference_url": "https://security.archlinux.org/ASA-201805-10", "reference_id": "ASA-201805-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-10" }, { "reference_url": "https://security.archlinux.org/ASA-201805-21", "reference_id": "ASA-201805-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-21" }, { "reference_url": "https://security.archlinux.org/AVG-693", "reference_id": "AVG-693", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-693" }, { "reference_url": "https://security.archlinux.org/AVG-707", "reference_id": "AVG-707", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-707" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1541", "reference_id": "CVE-2018-5159", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1541" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/44759.html", "reference_id": "CVE-2018-5159", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/44759.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159", "reference_id": "CVE-2018-5159", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11", "reference_id": "mfsa2018-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12", "reference_id": "mfsa2018-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13", "reference_id": "mfsa2018-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1725", "reference_id": "RHSA-2018:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1726", "reference_id": "RHSA-2018:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1726" }, { "reference_url": "https://usn.ubuntu.com/3645-1/", "reference_id": "USN-3645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3645-1/" }, { "reference_url": "https://usn.ubuntu.com/3660-1/", "reference_id": "USN-3660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3660-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5159" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jtrv-jyme-sybh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60718?format=api", "vulnerability_id": "VCID-kbqr-p81f-k3ch", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12383.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12383.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12383", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23534", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23606", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2355", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23561", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23554", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23532", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23734", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23515", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23587", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23633", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23648", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625531", "reference_id": "1625531", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625531" }, { "reference_url": "https://security.archlinux.org/ASA-201810-13", "reference_id": "ASA-201810-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201810-13" }, { "reference_url": "https://security.archlinux.org/AVG-782", "reference_id": "AVG-782", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-782" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20", "reference_id": "mfsa2018-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-23", "reference_id": "mfsa2018-23", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-23" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25", "reference_id": "mfsa2018-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2834", "reference_id": "RHSA-2018:2834", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2835", "reference_id": "RHSA-2018:2835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3403", "reference_id": "RHSA-2018:3403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3458", "reference_id": "RHSA-2018:3458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3458" }, { "reference_url": "https://usn.ubuntu.com/3761-1/", "reference_id": "USN-3761-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3761-1/" }, { "reference_url": "https://usn.ubuntu.com/3793-1/", "reference_id": "USN-3793-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3793-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12383" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kbqr-p81f-k3ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9445?format=api", "vulnerability_id": "VCID-mfwc-dm4n-vbey", "summary": "Code injection\nThe PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1414", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1415", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5158.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5158.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.4138", "scoring_system": "epss", "scoring_elements": "0.97376", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.4138", "scoring_system": "epss", "scoring_elements": "0.97382", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.4138", "scoring_system": "epss", "scoring_elements": "0.97387", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.4138", "scoring_system": "epss", "scoring_elements": "0.97394", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.43031", "scoring_system": "epss", "scoring_elements": "0.97497", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.43031", "scoring_system": "epss", "scoring_elements": "0.975", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.43031", "scoring_system": "epss", "scoring_elements": "0.97486", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.43031", "scoring_system": "epss", "scoring_elements": "0.97484", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.43031", "scoring_system": "epss", "scoring_elements": "0.97488", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.43031", "scoring_system": "epss", "scoring_elements": "0.97489", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5158" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1452075", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1452075" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" }, { "reference_url": "https://github.com/mozilla/pdf.js", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/mozilla/pdf.js" }, { "reference_url": "https://github.com/mozilla/pdf.js/commit/2dc4af525d1612c98afcd1e6bee57d4788f78f97", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/mozilla/pdf.js/commit/2dc4af525d1612c98afcd1e6bee57d4788f78f97" }, { "reference_url": "https://github.com/mozilla/pdf.js/pull/9659", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/mozilla/pdf.js/pull/9659" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://usn.ubuntu.com/3645-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3645-1" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4199", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-11", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-11" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-11/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-12", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-12/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "reference_url": "http://www.securityfocus.com/bid/104136", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/104136" }, { "reference_url": "http://www.securitytracker.com/id/1040896", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securitytracker.com/id/1040896" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259", "reference_id": "1576259", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926482", "reference_id": "926482", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926482" }, { "reference_url": "https://security.archlinux.org/ASA-201805-10", "reference_id": "ASA-201805-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-10" }, { "reference_url": "https://security.archlinux.org/AVG-693", "reference_id": "AVG-693", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-693" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-7jg2-jgv3-fmr4", "reference_id": "GHSA-7jg2-jgv3-fmr4", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7jg2-jgv3-fmr4" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11", "reference_id": "mfsa2018-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12", "reference_id": "mfsa2018-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12" }, { "reference_url": "https://usn.ubuntu.com/3645-1/", "reference_id": "USN-3645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3645-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5158", "GHSA-7jg2-jgv3-fmr4" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mfwc-dm4n-vbey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60708?format=api", "vulnerability_id": "VCID-n454-esxc-ckhd", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12367.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12367.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12367", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79532", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79503", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79525", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79508", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79499", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79529", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79528", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.7945", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79457", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.7948", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79467", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01271", "scoring_system": "epss", "scoring_elements": "0.79495", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12367", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12371", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12371" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5187" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595032", "reference_id": "1595032", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595032" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201808-8", "reference_id": "ASA-201808-8", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201808-8" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-751", "reference_id": "AVG-751", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-751" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12367" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n454-esxc-ckhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60739?format=api", "vulnerability_id": "VCID-nuqf-n5jd-cke6", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5186.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5186.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5186", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82234", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82339", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82308", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82302", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82337", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82246", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82266", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82261", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82287", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82295", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82314", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5186" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595038", "reference_id": "1595038", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595038" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5186" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nuqf-n5jd-cke6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60715?format=api", "vulnerability_id": "VCID-pryc-r9jn-9bds", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12378.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12378.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86836", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86822", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86833", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86837", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86756", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86767", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86786", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86783", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86803", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86812", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625527", "reference_id": "1625527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625527" }, { "reference_url": "https://security.archlinux.org/ASA-201810-13", "reference_id": "ASA-201810-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201810-13" }, { "reference_url": "https://security.archlinux.org/AVG-782", "reference_id": "AVG-782", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-782" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20", "reference_id": "mfsa2018-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21", "reference_id": "mfsa2018-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25", "reference_id": "mfsa2018-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2692", "reference_id": "RHSA-2018:2692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2693", "reference_id": "RHSA-2018:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3403", "reference_id": "RHSA-2018:3403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3458", "reference_id": "RHSA-2018:3458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3458" }, { "reference_url": "https://usn.ubuntu.com/3761-1/", "reference_id": "USN-3761-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3761-1/" }, { "reference_url": "https://usn.ubuntu.com/3793-1/", "reference_id": "USN-3793-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3793-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12378" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pryc-r9jn-9bds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60709?format=api", "vulnerability_id": "VCID-sjy7-cp3x-nfh2", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12368.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12368.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12368", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83504", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83461", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83475", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83469", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83464", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.835", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83502", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83413", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83428", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83427", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01952", "scoring_system": "epss", "scoring_elements": "0.83451", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12368" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595033", "reference_id": "1595033", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595033" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18", "reference_id": "mfsa2018-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12368" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sjy7-cp3x-nfh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60705?format=api", "vulnerability_id": "VCID-sr45-86k8-8ybs", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12364.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12364.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12364", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85828", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85774", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85793", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85804", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85818", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85811", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.8583", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85834", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85737", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85749", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0267", "scoring_system": "epss", "scoring_elements": "0.85768", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595029", "reference_id": "1595029", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595029" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201807-4", "reference_id": "ASA-201807-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-4" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-728", "reference_id": "AVG-728", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-728" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18", "reference_id": "mfsa2018-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2112", "reference_id": "RHSA-2018:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2113", "reference_id": "RHSA-2018:2113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2251", "reference_id": "RHSA-2018:2251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2252", "reference_id": "RHSA-2018:2252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2252" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" }, { "reference_url": "https://usn.ubuntu.com/3714-1/", "reference_id": "USN-3714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12364" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sr45-86k8-8ybs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60738?format=api", "vulnerability_id": "VCID-swgj-zee2-x3hv", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5183.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5183.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5183", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88312", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88294", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.883", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.8831", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88302", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88315", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88246", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88254", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88269", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03916", "scoring_system": "epss", "scoring_elements": "0.88274", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5183" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1454692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1454692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4209" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-12/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-13/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-13/" }, { "reference_url": "http://www.securityfocus.com/bid/104138", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104138" }, { "reference_url": "http://www.securitytracker.com/id/1040898", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040898" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283", "reference_id": "1576283", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283" }, { "reference_url": "https://security.archlinux.org/ASA-201805-21", "reference_id": "ASA-201805-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-21" }, { "reference_url": "https://security.archlinux.org/AVG-707", "reference_id": "AVG-707", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-707" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183", "reference_id": "CVE-2018-5183", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12", "reference_id": "mfsa2018-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13", "reference_id": "mfsa2018-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1725", "reference_id": "RHSA-2018:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1726", "reference_id": "RHSA-2018:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1726" }, { "reference_url": "https://usn.ubuntu.com/3660-1/", "reference_id": "USN-3660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3660-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5183" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swgj-zee2-x3hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60704?format=api", "vulnerability_id": "VCID-u23v-7afk-qben", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12363.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12363.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12363", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85544", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85482", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85502", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85511", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85525", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85523", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.8552", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85543", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85548", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85449", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85462", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02562", "scoring_system": "epss", "scoring_elements": "0.85479", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595028", "reference_id": "1595028", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595028" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201807-4", "reference_id": "ASA-201807-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-4" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-728", "reference_id": "AVG-728", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-728" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18", "reference_id": "mfsa2018-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2112", "reference_id": "RHSA-2018:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2113", "reference_id": "RHSA-2018:2113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2251", "reference_id": "RHSA-2018:2251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2252", "reference_id": "RHSA-2018:2252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2252" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" }, { "reference_url": "https://usn.ubuntu.com/3714-1/", "reference_id": "USN-3714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12363" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u23v-7afk-qben" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60723?format=api", "vulnerability_id": "VCID-vhy3-sx9u-budr", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5127.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5127.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95515", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95489", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95491", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95497", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95498", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95499", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95507", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95512", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95462", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95472", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95478", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.20177", "scoring_system": "epss", "scoring_elements": "0.95482", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5127" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1430557", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1430557" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4139" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4155" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-09/" }, { "reference_url": "http://www.securityfocus.com/bid/103388", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103388" }, { "reference_url": "http://www.securitytracker.com/id/1040514", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040514" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555128", "reference_id": "1555128", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555128" }, { "reference_url": "https://security.archlinux.org/ASA-201803-22", "reference_id": "ASA-201803-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-22" }, { "reference_url": "https://security.archlinux.org/AVG-663", "reference_id": "AVG-663", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-663" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5127", "reference_id": "CVE-2018-5127", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5127" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06", "reference_id": "mfsa2018-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07", "reference_id": "mfsa2018-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09", "reference_id": "mfsa2018-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0526", "reference_id": "RHSA-2018:0526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0527", "reference_id": "RHSA-2018:0527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0647", "reference_id": "RHSA-2018:0647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0648", "reference_id": "RHSA-2018:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0648" }, { "reference_url": "https://usn.ubuntu.com/3545-1/", "reference_id": "USN-3545-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3545-1/" }, { "reference_url": "https://usn.ubuntu.com/3596-1/", "reference_id": "USN-3596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3596-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5127" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vhy3-sx9u-budr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60732?format=api", "vulnerability_id": "VCID-w3wj-w2gp-kqh4", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5157.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5157.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5157", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69125", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69142", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69126", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69097", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69136", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69146", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69031", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69048", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69069", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.6905", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.691", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00587", "scoring_system": "epss", "scoring_elements": "0.69119", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5157" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1449898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1449898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-11/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-12/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "reference_url": "http://www.securityfocus.com/bid/104136", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104136" }, { "reference_url": "http://www.securitytracker.com/id/1040896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040896" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258", "reference_id": "1576258", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258" }, { "reference_url": "https://security.archlinux.org/ASA-201805-10", "reference_id": "ASA-201805-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-10" }, { "reference_url": "https://security.archlinux.org/AVG-693", "reference_id": "AVG-693", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-693" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157", "reference_id": "CVE-2018-5157", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11", "reference_id": "mfsa2018-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12", "reference_id": "mfsa2018-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12" }, { "reference_url": "https://usn.ubuntu.com/3645-1/", "reference_id": "USN-3645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3645-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5157" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w3wj-w2gp-kqh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60729?format=api", "vulnerability_id": "VCID-w44w-qwmk-mbbd", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5154.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5154.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5154", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86409", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86378", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86388", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86401", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.864", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86394", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86411", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86416", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86329", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.8634", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86358", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02921", "scoring_system": "epss", "scoring_elements": "0.86359", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5154" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1443092", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1443092" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4209" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-11/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-11/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-12/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-13/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-13/" }, { "reference_url": "http://www.securityfocus.com/bid/104136", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104136" }, { "reference_url": "http://www.securitytracker.com/id/1040896", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040896" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255", "reference_id": "1576255", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255" }, { "reference_url": "https://security.archlinux.org/ASA-201805-10", "reference_id": "ASA-201805-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-10" }, { "reference_url": "https://security.archlinux.org/ASA-201805-21", "reference_id": "ASA-201805-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-21" }, { "reference_url": "https://security.archlinux.org/AVG-693", "reference_id": "AVG-693", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-693" }, { "reference_url": "https://security.archlinux.org/AVG-707", "reference_id": "AVG-707", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-707" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154", "reference_id": "CVE-2018-5154", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11", "reference_id": "mfsa2018-11", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12", "reference_id": "mfsa2018-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13", "reference_id": "mfsa2018-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1725", "reference_id": "RHSA-2018:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1726", "reference_id": "RHSA-2018:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1726" }, { "reference_url": "https://usn.ubuntu.com/3645-1/", "reference_id": "USN-3645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3645-1/" }, { "reference_url": "https://usn.ubuntu.com/3660-1/", "reference_id": "USN-3660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3660-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5154" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w44w-qwmk-mbbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60713?format=api", "vulnerability_id": "VCID-wj3c-xpra-vffj", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12376.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12376.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12376", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86836", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86822", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86833", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86837", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86756", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86767", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86786", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86783", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86803", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03107", "scoring_system": "epss", "scoring_elements": "0.86812", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12379" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18499" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625525", "reference_id": "1625525", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1625525" }, { "reference_url": "https://security.archlinux.org/ASA-201810-13", "reference_id": "ASA-201810-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201810-13" }, { "reference_url": "https://security.archlinux.org/AVG-782", "reference_id": "AVG-782", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-782" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20", "reference_id": "mfsa2018-20", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-20" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21", "reference_id": "mfsa2018-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-21" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25", "reference_id": "mfsa2018-25", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-25" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2692", "reference_id": "RHSA-2018:2692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2693", "reference_id": "RHSA-2018:2693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3403", "reference_id": "RHSA-2018:3403", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3458", "reference_id": "RHSA-2018:3458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3458" }, { "reference_url": "https://usn.ubuntu.com/3761-1/", "reference_id": "USN-3761-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3761-1/" }, { "reference_url": "https://usn.ubuntu.com/3793-1/", "reference_id": "USN-3793-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3793-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12376" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wj3c-xpra-vffj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60722?format=api", "vulnerability_id": "VCID-y14s-zt8p-syby", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5125.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5125.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5125", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.77749", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.77705", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.7771", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.77736", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.7772", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.77719", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.77757", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.77756", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.77661", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.77667", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.77694", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01069", "scoring_system": "epss", "scoring_elements": "0.77678", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5125" }, { "reference_url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1416529%2C1434580%2C1434384%2C1437450%2C1437507%2C1426988%2C1438425%2C1324042%2C1437087%2C1443865%2C1425520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1416529%2C1434580%2C1434384%2C1437450%2C1437507%2C1426988%2C1438425%2C1324042%2C1437087%2C1443865%2C1425520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4139" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4155" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-06/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-06/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-07/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-07/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-09/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-09/" }, { "reference_url": "http://www.securityfocus.com/bid/103388", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/103388" }, { "reference_url": "http://www.securitytracker.com/id/1040514", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040514" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555127", "reference_id": "1555127", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555127" }, { "reference_url": "https://security.archlinux.org/ASA-201803-22", "reference_id": "ASA-201803-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-22" }, { "reference_url": "https://security.archlinux.org/AVG-663", "reference_id": "AVG-663", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-663" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5125", "reference_id": "CVE-2018-5125", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5125" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06", "reference_id": "mfsa2018-06", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07", "reference_id": "mfsa2018-07", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09", "reference_id": "mfsa2018-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0526", "reference_id": "RHSA-2018:0526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0527", "reference_id": "RHSA-2018:0527", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0527" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0647", "reference_id": "RHSA-2018:0647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0648", "reference_id": "RHSA-2018:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0648" }, { "reference_url": "https://usn.ubuntu.com/3545-1/", "reference_id": "USN-3545-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3545-1/" }, { "reference_url": "https://usn.ubuntu.com/3596-1/", "reference_id": "USN-3596-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3596-1/" }, { "reference_url": "https://usn.ubuntu.com/3688-1/", "reference_id": "USN-3688-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3688-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5125" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y14s-zt8p-syby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60700?format=api", "vulnerability_id": "VCID-ym7a-e9b5-5ygm", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12359.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12359.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12359", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03167", "scoring_system": "epss", "scoring_elements": "0.86948", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03167", "scoring_system": "epss", "scoring_elements": "0.86933", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03167", "scoring_system": "epss", "scoring_elements": "0.86939", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03167", "scoring_system": "epss", "scoring_elements": "0.86944", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03167", "scoring_system": "epss", "scoring_elements": "0.86879", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03167", "scoring_system": "epss", "scoring_elements": "0.8693", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03167", "scoring_system": "epss", "scoring_elements": "0.86922", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03167", "scoring_system": "epss", "scoring_elements": "0.86902", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03167", "scoring_system": "epss", "scoring_elements": "0.86909", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03167", "scoring_system": "epss", "scoring_elements": "0.8689", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05167", "scoring_system": "epss", "scoring_elements": "0.89909", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05167", "scoring_system": "epss", "scoring_elements": "0.89915", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-12359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12374" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5188" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595024", "reference_id": "1595024", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595024" }, { "reference_url": "https://security.archlinux.org/ASA-201806-14", "reference_id": "ASA-201806-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-14" }, { "reference_url": "https://security.archlinux.org/ASA-201807-4", "reference_id": "ASA-201807-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201807-4" }, { "reference_url": "https://security.archlinux.org/AVG-727", "reference_id": "AVG-727", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-727" }, { "reference_url": "https://security.archlinux.org/AVG-728", "reference_id": "AVG-728", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-728" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15", "reference_id": "mfsa2018-15", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-15" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16", "reference_id": "mfsa2018-16", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-16" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17", "reference_id": "mfsa2018-17", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-17" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18", "reference_id": "mfsa2018-18", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-18" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19", "reference_id": "mfsa2018-19", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2112", "reference_id": "RHSA-2018:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2113", "reference_id": "RHSA-2018:2113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2251", "reference_id": "RHSA-2018:2251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2251" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2252", "reference_id": "RHSA-2018:2252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2252" }, { "reference_url": "https://usn.ubuntu.com/3705-1/", "reference_id": "USN-3705-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3705-1/" }, { "reference_url": "https://usn.ubuntu.com/3714-1/", "reference_id": "USN-3714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-12359" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ym7a-e9b5-5ygm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60735?format=api", "vulnerability_id": "VCID-yzys-pzzg-a7dk", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1415" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5178.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5178.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5178", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.95202", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.9518", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.95186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.95189", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.95197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.95201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.95153", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.95164", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.95165", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.95169", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.18164", "scoring_system": "epss", "scoring_elements": "0.95176", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5178" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1443891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1443891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4199", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4199" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4209" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-12/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/" }, { "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-13/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.mozilla.org/security/advisories/mfsa2018-13/" }, { "reference_url": "http://www.securityfocus.com/bid/104138", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104138" }, { "reference_url": "http://www.securitytracker.com/id/1040898", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1040898" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278", "reference_id": "1576278", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278" }, { "reference_url": "https://security.archlinux.org/ASA-201805-21", "reference_id": "ASA-201805-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-21" }, { "reference_url": "https://security.archlinux.org/AVG-707", "reference_id": "AVG-707", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-707" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178", "reference_id": "CVE-2018-5178", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178" }, { "reference_url": "https://security.gentoo.org/glsa/201811-13", "reference_id": "GLSA-201811-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201811-13" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12", "reference_id": "mfsa2018-12", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13", "reference_id": "mfsa2018-13", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1725", "reference_id": "RHSA-2018:1725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1726", "reference_id": "RHSA-2018:1726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1726" }, { "reference_url": "https://usn.ubuntu.com/3660-1/", "reference_id": "USN-3660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3660-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-5178" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yzys-pzzg-a7dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60745?format=api", "vulnerability_id": "VCID-zpx3-dck3-6bfy", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n worst of which may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6126.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6126.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.41185", "scoring_system": "epss", "scoring_elements": "0.97398", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.41185", "scoring_system": "epss", "scoring_elements": "0.97399", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.45608", "scoring_system": "epss", "scoring_elements": "0.97601", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.45608", "scoring_system": "epss", "scoring_elements": "0.97592", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.45608", "scoring_system": "epss", "scoring_elements": "0.97608", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.45608", "scoring_system": "epss", "scoring_elements": "0.9761", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.45608", "scoring_system": "epss", "scoring_elements": "0.97613", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.45608", "scoring_system": "epss", "scoring_elements": "0.97615", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.45608", "scoring_system": "epss", "scoring_elements": "0.97623", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.45608", "scoring_system": "epss", "scoring_elements": "0.97598", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.45608", "scoring_system": "epss", "scoring_elements": "0.97602", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6126" }, { "reference_url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html" }, { "reference_url": "https://crbug.com/844457", "reference_id": "", "reference_type": "", "scores": [], "url": "https://crbug.com/844457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6123" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6124", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6124" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6125", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6125" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6126", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6126" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6133", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6133" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6134", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6134" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6136", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6136" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6141", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6141" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6143" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6148" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6149" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/201810-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201810-01" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4220" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4237", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4237" }, { "reference_url": "https://www.exploit-db.com/exploits/45098/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/45098/" }, { "reference_url": "http://www.securityfocus.com/bid/104309", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104309" }, { "reference_url": "http://www.securityfocus.com/bid/104411", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/104411" }, { "reference_url": "http://www.securitytracker.com/id/1041014", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041014" }, { "reference_url": "http://www.securitytracker.com/id/1041046", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1041046" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584035", "reference_id": "1584035", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1584035" }, { "reference_url": "https://security.archlinux.org/ASA-201806-5", "reference_id": "ASA-201806-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201806-5" }, { "reference_url": "https://security.archlinux.org/AVG-715", "reference_id": "AVG-715", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-715" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1579", "reference_id": "CVE-2018-6126", "reference_type": "exploit", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1579" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/45098.txt", "reference_id": "CVE-2018-6126", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/45098.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6126", "reference_id": "CVE-2018-6126", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6126" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-14", "reference_id": "mfsa2018-14", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-14" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1815", "reference_id": "RHSA-2018:1815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2112", "reference_id": "RHSA-2018:2112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:2113", "reference_id": "RHSA-2018:2113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:2113" }, { "reference_url": "https://usn.ubuntu.com/3682-1/", "reference_id": "USN-3682-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3682-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api", "purl": "pkg:ebuild/www-client/firefox@60.2.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" } ], "aliases": [ "CVE-2018-6126" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zpx3-dck3-6bfy" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2" }