GET

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/60723?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60723?format=api",
    "vulnerability_id": "VCID-vhy3-sx9u-budr",
    "summary": "Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which may allow execution of arbitrary code.",
    "aliases": [
        {
            "alias": "CVE-2018-5127"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/371462?format=api",
            "purl": "pkg:alpm/archlinux/thunderbird@52.7.0-1",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.7.0-1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/583377?format=api",
            "purl": "pkg:deb/debian/firefox@59.0-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@59.0-1%3Fdistro=sid"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/582059?format=api",
            "purl": "pkg:deb/debian/firefox@149.0-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1059611?format=api",
            "purl": "pkg:deb/debian/firefox@149.0.2-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1076056?format=api",
            "purl": "pkg:deb/debian/firefox@150.0-1?distro=sid",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/922107?format=api",
            "purl": "pkg:deb/debian/firefox-esr@52.7.0esr-1?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@52.7.0esr-1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/582079?format=api",
            "purl": "pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-2fqb-r5zb-a7dp"
                },
                {
                    "vulnerability": "VCID-3kv6-c148-nkhq"
                },
                {
                    "vulnerability": "VCID-59d3-343b-e3aw"
                },
                {
                    "vulnerability": "VCID-5dw5-vpt8-zqbz"
                },
                {
                    "vulnerability": "VCID-61r1-arbe-dke4"
                },
                {
                    "vulnerability": "VCID-7jt2-zr49-7ye5"
                },
                {
                    "vulnerability": "VCID-95et-ezmb-buau"
                },
                {
                    "vulnerability": "VCID-9ag7-z86d-nba9"
                },
                {
                    "vulnerability": "VCID-9nbw-7c9e-13af"
                },
                {
                    "vulnerability": "VCID-av7u-3g4m-mugm"
                },
                {
                    "vulnerability": "VCID-bwth-uepr-z7a3"
                },
                {
                    "vulnerability": "VCID-cjsm-7gxr-8ygw"
                },
                {
                    "vulnerability": "VCID-d16s-p141-qbft"
                },
                {
                    "vulnerability": "VCID-fxjm-ywug-f3d5"
                },
                {
                    "vulnerability": "VCID-hk2m-rbdy-nqhc"
                },
                {
                    "vulnerability": "VCID-ma29-qa7e-9qb4"
                },
                {
                    "vulnerability": "VCID-nge1-4cvg-zqb2"
                },
                {
                    "vulnerability": "VCID-nyum-jpbc-abew"
                },
                {
                    "vulnerability": "VCID-p6yz-xs58-u3gm"
                },
                {
                    "vulnerability": "VCID-pfmd-zv8f-8bfc"
                },
                {
                    "vulnerability": "VCID-q689-wneh-hbdq"
                },
                {
                    "vulnerability": "VCID-q8qp-5szp-mfe8"
                },
                {
                    "vulnerability": "VCID-qbzp-euvv-q7c7"
                },
                {
                    "vulnerability": "VCID-ruqn-mk9t-57hb"
                },
                {
                    "vulnerability": "VCID-tv7r-qf2c-dqbm"
                },
                {
                    "vulnerability": "VCID-w98r-yagc-kkec"
                },
                {
                    "vulnerability": "VCID-z6tm-b352-5uhk"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@115.14.0esr-1~deb11u1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/582080?format=api",
            "purl": "pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-f81v-9fv8-93cd"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@128.14.0esr-1~deb12u1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/582081?format=api",
            "purl": "pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-f81v-9fv8-93cd"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.8.0esr-1~deb13u1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/582082?format=api",
            "purl": "pkg:deb/debian/firefox-esr@140.9.0esr-1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-5dw5-vpt8-zqbz"
                },
                {
                    "vulnerability": "VCID-9ag7-z86d-nba9"
                },
                {
                    "vulnerability": "VCID-f81v-9fv8-93cd"
                },
                {
                    "vulnerability": "VCID-qbzp-euvv-q7c7"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.0esr-1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1059612?format=api",
            "purl": "pkg:deb/debian/firefox-esr@140.9.1esr-1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-2fqb-r5zb-a7dp"
                },
                {
                    "vulnerability": "VCID-3kv6-c148-nkhq"
                },
                {
                    "vulnerability": "VCID-59d3-343b-e3aw"
                },
                {
                    "vulnerability": "VCID-61r1-arbe-dke4"
                },
                {
                    "vulnerability": "VCID-7jt2-zr49-7ye5"
                },
                {
                    "vulnerability": "VCID-95et-ezmb-buau"
                },
                {
                    "vulnerability": "VCID-9nbw-7c9e-13af"
                },
                {
                    "vulnerability": "VCID-av7u-3g4m-mugm"
                },
                {
                    "vulnerability": "VCID-bwth-uepr-z7a3"
                },
                {
                    "vulnerability": "VCID-cjsm-7gxr-8ygw"
                },
                {
                    "vulnerability": "VCID-d16s-p141-qbft"
                },
                {
                    "vulnerability": "VCID-f81v-9fv8-93cd"
                },
                {
                    "vulnerability": "VCID-fxjm-ywug-f3d5"
                },
                {
                    "vulnerability": "VCID-hk2m-rbdy-nqhc"
                },
                {
                    "vulnerability": "VCID-ma29-qa7e-9qb4"
                },
                {
                    "vulnerability": "VCID-nge1-4cvg-zqb2"
                },
                {
                    "vulnerability": "VCID-nyum-jpbc-abew"
                },
                {
                    "vulnerability": "VCID-p6yz-xs58-u3gm"
                },
                {
                    "vulnerability": "VCID-pfmd-zv8f-8bfc"
                },
                {
                    "vulnerability": "VCID-q689-wneh-hbdq"
                },
                {
                    "vulnerability": "VCID-q8qp-5szp-mfe8"
                },
                {
                    "vulnerability": "VCID-ruqn-mk9t-57hb"
                },
                {
                    "vulnerability": "VCID-tv7r-qf2c-dqbm"
                },
                {
                    "vulnerability": "VCID-w98r-yagc-kkec"
                },
                {
                    "vulnerability": "VCID-z6tm-b352-5uhk"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.9.1esr-1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1076057?format=api",
            "purl": "pkg:deb/debian/firefox-esr@140.10.0esr-1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-f81v-9fv8-93cd"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox-esr@140.10.0esr-1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/940822?format=api",
            "purl": "pkg:deb/debian/thunderbird@1:52.7.0-1?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:52.7.0-1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/940802?format=api",
            "purl": "pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/940800?format=api",
            "purl": "pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.6.0esr-1~deb12u1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/940804?format=api",
            "purl": "pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.8.0esr-1~deb13u1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/940803?format=api",
            "purl": "pkg:deb/debian/thunderbird@1:140.9.0esr-1?distro=trixie",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-5dw5-vpt8-zqbz"
                },
                {
                    "vulnerability": "VCID-9ag7-z86d-nba9"
                },
                {
                    "vulnerability": "VCID-qbzp-euvv-q7c7"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.0esr-1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/1067638?format=api",
            "purl": "pkg:deb/debian/thunderbird@1:140.9.1esr-1?distro=trixie",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.9.1esr-1%3Fdistro=trixie"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/85742?format=api",
            "purl": "pkg:ebuild/mail-client/thunderbird@60.3.0",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird@60.3.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/85743?format=api",
            "purl": "pkg:ebuild/mail-client/thunderbird-bin@60.3.0",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/mail-client/thunderbird-bin@60.3.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/85434?format=api",
            "purl": "pkg:ebuild/www-client/firefox@60.2.2",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox@60.2.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/85435?format=api",
            "purl": "pkg:ebuild/www-client/firefox-bin@60.2.2",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/www-client/firefox-bin@60.2.2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/86367?format=api",
            "purl": "pkg:mozilla/Firefox@59.0.0",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@59.0.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/86340?format=api",
            "purl": "pkg:mozilla/Firefox%20ESR@52.7.0",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@52.7.0"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/86349?format=api",
            "purl": "pkg:mozilla/Thunderbird@52.7.0",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@52.7.0"
        }
    ],
    "affected_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/371461?format=api",
            "purl": "pkg:alpm/archlinux/thunderbird@52.6.0-2",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-1gbp-dg93-wud9"
                },
                {
                    "vulnerability": "VCID-fdue-dg92-13cp"
                },
                {
                    "vulnerability": "VCID-gr47-gb4n-87an"
                },
                {
                    "vulnerability": "VCID-vhy3-sx9u-budr"
                },
                {
                    "vulnerability": "VCID-ww34-5gw7-cfa6"
                },
                {
                    "vulnerability": "VCID-y14s-zt8p-syby"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.6.0-2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/109595?format=api",
            "purl": "pkg:rpm/redhat/firefox@52.7.0-1?arch=el7_4",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-1gbp-dg93-wud9"
                },
                {
                    "vulnerability": "VCID-eyaw-nzuh-8ue2"
                },
                {
                    "vulnerability": "VCID-fcvd-rpmu-1ygk"
                },
                {
                    "vulnerability": "VCID-gr47-gb4n-87an"
                },
                {
                    "vulnerability": "VCID-vhy3-sx9u-budr"
                },
                {
                    "vulnerability": "VCID-ww34-5gw7-cfa6"
                },
                {
                    "vulnerability": "VCID-y14s-zt8p-syby"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@52.7.0-1%3Farch=el7_4"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/109596?format=api",
            "purl": "pkg:rpm/redhat/firefox@52.7.0-1?arch=el6_9",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-1gbp-dg93-wud9"
                },
                {
                    "vulnerability": "VCID-eyaw-nzuh-8ue2"
                },
                {
                    "vulnerability": "VCID-fcvd-rpmu-1ygk"
                },
                {
                    "vulnerability": "VCID-gr47-gb4n-87an"
                },
                {
                    "vulnerability": "VCID-vhy3-sx9u-budr"
                },
                {
                    "vulnerability": "VCID-ww34-5gw7-cfa6"
                },
                {
                    "vulnerability": "VCID-y14s-zt8p-syby"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@52.7.0-1%3Farch=el6_9"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/109586?format=api",
            "purl": "pkg:rpm/redhat/thunderbird@52.7.0-1?arch=el7_4",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-1gbp-dg93-wud9"
                },
                {
                    "vulnerability": "VCID-fdue-dg92-13cp"
                },
                {
                    "vulnerability": "VCID-gr47-gb4n-87an"
                },
                {
                    "vulnerability": "VCID-vhy3-sx9u-budr"
                },
                {
                    "vulnerability": "VCID-ww34-5gw7-cfa6"
                },
                {
                    "vulnerability": "VCID-y14s-zt8p-syby"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.7.0-1%3Farch=el7_4"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/packages/109587?format=api",
            "purl": "pkg:rpm/redhat/thunderbird@52.7.0-1?arch=el6_9",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-1gbp-dg93-wud9"
                },
                {
                    "vulnerability": "VCID-fdue-dg92-13cp"
                },
                {
                    "vulnerability": "VCID-gr47-gb4n-87an"
                },
                {
                    "vulnerability": "VCID-vhy3-sx9u-budr"
                },
                {
                    "vulnerability": "VCID-ww34-5gw7-cfa6"
                },
                {
                    "vulnerability": "VCID-y14s-zt8p-syby"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@52.7.0-1%3Farch=el6_9"
        }
    ],
    "references": [
        {
            "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5127.json",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "8.8",
                    "scoring_system": "cvssv3",
                    "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
                }
            ],
            "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5127.json"
        },
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5127",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95515",
                    "published_at": "2026-04-21T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95489",
                    "published_at": "2026-04-08T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95491",
                    "published_at": "2026-04-09T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95497",
                    "published_at": "2026-04-11T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95498",
                    "published_at": "2026-04-12T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95499",
                    "published_at": "2026-04-13T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95507",
                    "published_at": "2026-04-16T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95512",
                    "published_at": "2026-04-18T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95462",
                    "published_at": "2026-04-01T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95472",
                    "published_at": "2026-04-02T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95478",
                    "published_at": "2026-04-04T12:55:00Z"
                },
                {
                    "value": "0.20177",
                    "scoring_system": "epss",
                    "scoring_elements": "0.95482",
                    "published_at": "2026-04-07T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5127"
        },
        {
            "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1430557",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1430557"
        },
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125"
        },
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127"
        },
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129"
        },
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5130"
        },
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5131"
        },
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144"
        },
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145"
        },
        {
            "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146"
        },
        {
            "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "7.5",
                    "scoring_system": "cvssv3",
                    "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
                }
            ],
            "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
        },
        {
            "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00010.html"
        },
        {
            "reference_url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html"
        },
        {
            "reference_url": "https://security.gentoo.org/glsa/201810-01",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://security.gentoo.org/glsa/201810-01"
        },
        {
            "reference_url": "https://www.debian.org/security/2018/dsa-4139",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://www.debian.org/security/2018/dsa-4139"
        },
        {
            "reference_url": "https://www.debian.org/security/2018/dsa-4155",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://www.debian.org/security/2018/dsa-4155"
        },
        {
            "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-06/",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://www.mozilla.org/security/advisories/mfsa2018-06/"
        },
        {
            "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-07/",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://www.mozilla.org/security/advisories/mfsa2018-07/"
        },
        {
            "reference_url": "https://www.mozilla.org/security/advisories/mfsa2018-09/",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "https://www.mozilla.org/security/advisories/mfsa2018-09/"
        },
        {
            "reference_url": "http://www.securityfocus.com/bid/103388",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.securityfocus.com/bid/103388"
        },
        {
            "reference_url": "http://www.securitytracker.com/id/1040514",
            "reference_id": "",
            "reference_type": "",
            "scores": [],
            "url": "http://www.securitytracker.com/id/1040514"
        },
        {
            "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555128",
            "reference_id": "1555128",
            "reference_type": "",
            "scores": [],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555128"
        },
        {
            "reference_url": "https://security.archlinux.org/ASA-201803-22",
            "reference_id": "ASA-201803-22",
            "reference_type": "",
            "scores": [],
            "url": "https://security.archlinux.org/ASA-201803-22"
        },
        {
            "reference_url": "https://security.archlinux.org/AVG-663",
            "reference_id": "AVG-663",
            "reference_type": "",
            "scores": [
                {
                    "value": "Critical",
                    "scoring_system": "archlinux",
                    "scoring_elements": ""
                }
            ],
            "url": "https://security.archlinux.org/AVG-663"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
            "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
            "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
            "reference_type": "",
            "scores": [],
            "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"
        },
        {
            "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5127",
            "reference_id": "CVE-2018-5127",
            "reference_type": "",
            "scores": [
                {
                    "value": "6.8",
                    "scoring_system": "cvssv2",
                    "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P"
                },
                {
                    "value": "8.8",
                    "scoring_system": "cvssv3",
                    "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
                }
            ],
            "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5127"
        },
        {
            "reference_url": "https://security.gentoo.org/glsa/201811-13",
            "reference_id": "GLSA-201811-13",
            "reference_type": "",
            "scores": [],
            "url": "https://security.gentoo.org/glsa/201811-13"
        },
        {
            "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06",
            "reference_id": "mfsa2018-06",
            "reference_type": "",
            "scores": [
                {
                    "value": "critical",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-06"
        },
        {
            "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07",
            "reference_id": "mfsa2018-07",
            "reference_type": "",
            "scores": [
                {
                    "value": "critical",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-07"
        },
        {
            "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09",
            "reference_id": "mfsa2018-09",
            "reference_type": "",
            "scores": [
                {
                    "value": "critical",
                    "scoring_system": "generic_textual",
                    "scoring_elements": ""
                }
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-09"
        },
        {
            "reference_url": "https://access.redhat.com/errata/RHSA-2018:0526",
            "reference_id": "RHSA-2018:0526",
            "reference_type": "",
            "scores": [],
            "url": "https://access.redhat.com/errata/RHSA-2018:0526"
        },
        {
            "reference_url": "https://access.redhat.com/errata/RHSA-2018:0527",
            "reference_id": "RHSA-2018:0527",
            "reference_type": "",
            "scores": [],
            "url": "https://access.redhat.com/errata/RHSA-2018:0527"
        },
        {
            "reference_url": "https://access.redhat.com/errata/RHSA-2018:0647",
            "reference_id": "RHSA-2018:0647",
            "reference_type": "",
            "scores": [],
            "url": "https://access.redhat.com/errata/RHSA-2018:0647"
        },
        {
            "reference_url": "https://access.redhat.com/errata/RHSA-2018:0648",
            "reference_id": "RHSA-2018:0648",
            "reference_type": "",
            "scores": [],
            "url": "https://access.redhat.com/errata/RHSA-2018:0648"
        },
        {
            "reference_url": "https://usn.ubuntu.com/3545-1/",
            "reference_id": "USN-3545-1",
            "reference_type": "",
            "scores": [],
            "url": "https://usn.ubuntu.com/3545-1/"
        },
        {
            "reference_url": "https://usn.ubuntu.com/3596-1/",
            "reference_id": "USN-3596-1",
            "reference_type": "",
            "scores": [],
            "url": "https://usn.ubuntu.com/3596-1/"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 120,
            "name": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
            "description": "The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow."
        },
        {
            "cwe_id": 119,
            "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
            "description": "The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer."
        }
    ],
    "exploits": [],
    "severity_range_score": "6.8 - 10.0",
    "exploitability": "0.5",
    "weighted_severity": "9.0",
    "risk_score": 4.5,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vhy3-sx9u-budr"
}