Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/1478?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/1478?format=api", "vulnerability_id": "VCID-yw14-7xmq-g3e6", "summary": "An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest.", "aliases": [ { "alias": "CVE-2018-5146" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1796?format=api", "purl": "pkg:alpm/archlinux/firefox@59.0.1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@59.0.1-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1798?format=api", "purl": "pkg:alpm/archlinux/lib32-libvorbis@1.3.6-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libvorbis@1.3.6-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1858?format=api", "purl": "pkg:alpm/archlinux/libvorbis@1.3.6-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libvorbis@1.3.6-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1794?format=api", "purl": "pkg:alpm/archlinux/thunderbird@52.7.0-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.7.0-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/94527?format=api", "purl": "pkg:deb/debian/firefox@59.0.1-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@59.0.1-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/94464?format=api", "purl": "pkg:deb/debian/firefox@151.0.3-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@151.0.3-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/94841?format=api", "purl": "pkg:deb/debian/firefox-esr@52.7.2esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@52.7.2esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94686?format=api", "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94684?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94688?format=api", "purl": "pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.2esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/94687?format=api", "purl": "pkg:deb/debian/firefox-esr@140.11.0esr-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ghpk-c1e6-pkae" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.11.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/4643?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.4-2%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.4-2%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4928?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.5-4%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.5-4%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/104346?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.5-4.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.5-4.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/5892?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.6-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.6-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/104326?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104328?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/131038?format=api", "purl": "pkg:deb/debian/thunderbird@1:52.7.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:52.7.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/130941?format=api", "purl": "pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/130939?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/130943?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/130942?format=api", "purl": "pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/769?format=api", "purl": "pkg:mozilla/Firefox@59.0.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@59.0.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/770?format=api", "purl": "pkg:mozilla/Firefox%20ESR@52.7.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@52.7.2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1795?format=api", "purl": "pkg:alpm/archlinux/firefox@59.0-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-dn6k-uzwy-8fbj" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@59.0-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1797?format=api", "purl": "pkg:alpm/archlinux/lib32-libvorbis@1.3.5-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libvorbis@1.3.5-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1857?format=api", "purl": "pkg:alpm/archlinux/libvorbis@1.3.5-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/libvorbis@1.3.5-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1793?format=api", "purl": "pkg:alpm/archlinux/thunderbird@52.6.0-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vcg-jqmc-hbgv" }, { "vulnerability": "VCID-hv3z-93zn-ebhp" }, { "vulnerability": "VCID-j2t7-a23g-zqf8" }, { "vulnerability": "VCID-mgns-xhb9-cuc3" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" }, { "vulnerability": "VCID-zuwx-k59j-zqap" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.6.0-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/4635?format=api", "purl": "pkg:deb/debian/libvorbis@1.0rc3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-j8zw-dg26-hfbe" }, { "vulnerability": "VCID-k4pn-yxd9-h3ad" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-nbbh-ws5y-3uh4" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.0rc3-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4636?format=api", "purl": "pkg:deb/debian/libvorbis@1.1.0-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-j8zw-dg26-hfbe" }, { "vulnerability": "VCID-k4pn-yxd9-h3ad" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-nbbh-ws5y-3uh4" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.1.0-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/4637?format=api", "purl": "pkg:deb/debian/libvorbis@1.1.2.dfsg-1.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-j8zw-dg26-hfbe" }, { "vulnerability": "VCID-k4pn-yxd9-h3ad" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-nbbh-ws5y-3uh4" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.1.2.dfsg-1.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/4638?format=api", "purl": "pkg:deb/debian/libvorbis@1.1.2.dfsg-1.4%2Betch1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-j8zw-dg26-hfbe" }, { "vulnerability": "VCID-k4pn-yxd9-h3ad" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-nbbh-ws5y-3uh4" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.1.2.dfsg-1.4%252Betch1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4639?format=api", "purl": "pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1%2Blenny1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-j8zw-dg26-hfbe" }, { "vulnerability": "VCID-k4pn-yxd9-h3ad" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-nbbh-ws5y-3uh4" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1%252Blenny1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4640?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.1-1%2Bsqueeze1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-nbbh-ws5y-3uh4" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.1-1%252Bsqueeze1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4641?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.2-1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.2-1.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/4642?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.4-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.4-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/4643?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.4-2%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.4-2%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/4928?format=api", "purl": "pkg:deb/debian/libvorbis@1.3.5-4%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1ntd-28nj-cuex" }, { "vulnerability": "VCID-6dfq-gbf6-7fc7" }, { "vulnerability": "VCID-kad4-b6ez-y3dx" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.5-4%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/150240?format=api", "purl": "pkg:rpm/redhat/firefox@52.7.2-1?arch=el6_9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@52.7.2-1%3Farch=el6_9" }, { "url": "http://public2.vulnerablecode.io/api/packages/150241?format=api", "purl": "pkg:rpm/redhat/firefox@52.7.2-1?arch=el7_4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@52.7.2-1%3Farch=el7_4" }, { "url": "http://public2.vulnerablecode.io/api/packages/150236?format=api", "purl": "pkg:rpm/redhat/libvorbis@1:1.2.3-5.el6_9?arch=1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libvorbis@1:1.2.3-5.el6_9%3Farch=1" }, { "url": "http://public2.vulnerablecode.io/api/packages/150237?format=api", "purl": "pkg:rpm/redhat/libvorbis@1:1.3.3-8.el7?arch=1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-yw14-7xmq-g3e6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libvorbis@1:1.3.3-8.el7%3Farch=1" }, { "url": "http://public2.vulnerablecode.io/api/packages/150238?format=api", "purl": "pkg:rpm/redhat/thunderbird@52.7.0-1?arch=el7_4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vcg-jqmc-hbgv" }, { "vulnerability": "VCID-hv3z-93zn-ebhp" }, { "vulnerability": "VCID-j2t7-a23g-zqf8" }, { "vulnerability": "VCID-mgns-xhb9-cuc3" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" }, { "vulnerability": "VCID-zuwx-k59j-zqap" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.7.0-1%3Farch=el7_4" }, { "url": "http://public2.vulnerablecode.io/api/packages/150239?format=api", "purl": "pkg:rpm/redhat/thunderbird@52.7.0-1?arch=el6_9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1vcg-jqmc-hbgv" }, { "vulnerability": "VCID-hv3z-93zn-ebhp" }, { "vulnerability": "VCID-j2t7-a23g-zqf8" }, { "vulnerability": "VCID-mgns-xhb9-cuc3" }, { "vulnerability": "VCID-yw14-7xmq-g3e6" }, { "vulnerability": "VCID-zuwx-k59j-zqap" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.7.0-1%3Farch=el6_9" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5146.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5146.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.55641", "scoring_system": "epss", "scoring_elements": "0.9812", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1557221", "reference_id": "1557221", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1557221" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893130", "reference_id": "893130", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893130" }, { "reference_url": "https://security.archlinux.org/ASA-201803-12", "reference_id": "ASA-201803-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-12" }, { "reference_url": "https://security.archlinux.org/ASA-201803-13", "reference_id": "ASA-201803-13", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-13" }, { "reference_url": "https://security.archlinux.org/ASA-201803-21", "reference_id": "ASA-201803-21", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-21" }, { "reference_url": "https://security.archlinux.org/ASA-201803-22", "reference_id": "ASA-201803-22", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201803-22" }, { "reference_url": "https://security.archlinux.org/AVG-367", "reference_id": "AVG-367", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-367" }, { "reference_url": "https://security.archlinux.org/AVG-657", "reference_id": "AVG-657", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-657" }, { "reference_url": "https://security.archlinux.org/AVG-658", "reference_id": "AVG-658", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-658" }, { "reference_url": "https://security.archlinux.org/AVG-663", "reference_id": "AVG-663", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-663" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-08", "reference_id": "mfsa2018-08", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-08" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09", "reference_id": "mfsa2018-09", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0549", "reference_id": "RHSA-2018:0549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0647", "reference_id": "RHSA-2018:0647", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0647" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0648", "reference_id": "RHSA-2018:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0649", "reference_id": "RHSA-2018:0649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1058", "reference_id": "RHSA-2018:1058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1058" } ], "weaknesses": [ { "cwe_id": 122, "name": "Heap-based Buffer Overflow", "description": "A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc()." } ], "exploits": [], "severity_range_score": "8.8 - 10.0", "exploitability": "0.5", "weighted_severity": "9.0", "risk_score": 4.5, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yw14-7xmq-g3e6" }