Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community

Type apk

Namespace alpine

Name firefox-esr

Version 52.6.0-r0

Qualifiers

arch	s390x
distroversion	v3.12
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 60.5.0-r0

Latest_non_vulnerable_version 78.11.0-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-7hu9-yxju-9bae

vulnerability_id VCID-7hu9-yxju-9bae

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5099.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5099.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5099

reference_id

reference_type

scores

value	0.02974
scoring_system	epss
scoring_elements	0.86512
published_at	2026-04-13T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86477
published_at	2026-04-04T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86476
published_at	2026-04-07T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86495
published_at	2026-04-08T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86505
published_at	2026-04-09T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86521
published_at	2026-04-11T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86517
published_at	2026-04-12T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86448
published_at	2026-04-01T12:55:00Z

value	0.02974
scoring_system	epss
scoring_elements	0.86458
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5099

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1416878
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1416878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537821
reference_id	1537821
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537821

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5099

reference_id

CVE-2018-5099

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5099

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5099

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7hu9-yxju-9bae

url VCID-bm8j-1dxt-q3a8

vulnerability_id VCID-bm8j-1dxt-q3a8

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5103.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5103.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5103

reference_id

reference_type

scores

value	0.02935
scoring_system	epss
scoring_elements	0.86426
published_at	2026-04-13T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86389
published_at	2026-04-04T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.8639
published_at	2026-04-07T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86409
published_at	2026-04-08T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86419
published_at	2026-04-09T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86433
published_at	2026-04-11T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86431
published_at	2026-04-12T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86361
published_at	2026-04-01T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86371
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5103

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1423159
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1423159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537823
reference_id	1537823
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537823

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5103

reference_id

CVE-2018-5103

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5103

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5103

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bm8j-1dxt-q3a8

url VCID-bpsj-5ap7-zuhq

vulnerability_id VCID-bpsj-5ap7-zuhq

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5097.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5097.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5097

reference_id

reference_type

scores

value	0.24112
scoring_system	epss
scoring_elements	0.96069
published_at	2026-04-13T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96046
published_at	2026-04-04T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96051
published_at	2026-04-07T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96061
published_at	2026-04-08T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96064
published_at	2026-04-09T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96067
published_at	2026-04-11T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96066
published_at	2026-04-12T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96032
published_at	2026-04-01T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96039
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5097

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1387427
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1387427

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537819
reference_id	1537819
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537819

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5097

reference_id

CVE-2018-5097

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5097

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5097

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bpsj-5ap7-zuhq

url VCID-hsy2-jvn8-s3gs

vulnerability_id VCID-hsy2-jvn8-s3gs

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5089.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5089.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5089

reference_id

reference_type

scores

value	0.02992
scoring_system	epss
scoring_elements	0.8655
published_at	2026-04-13T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86517
published_at	2026-04-04T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86516
published_at	2026-04-07T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86536
published_at	2026-04-08T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86546
published_at	2026-04-09T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.8656
published_at	2026-04-11T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86557
published_at	2026-04-12T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86488
published_at	2026-04-01T12:55:00Z

value	0.02992
scoring_system	epss
scoring_elements	0.86498
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5089

reference_url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1412420%2C1426783%2C1422389%2C1415598%2C1410134%2C1408017%2C1224396%2C1382366%2C1415582%2C1417797%2C1409951%2C1414452%2C1428589%2C1425780%2C1399520%2C1418854%2C1408276%2C1412145%2C1331209%2C1425612
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1412420%2C1426783%2C1422389%2C1415598%2C1410134%2C1408017%2C1224396%2C1382366%2C1415582%2C1417797%2C1409951%2C1414452%2C1428589%2C1425780%2C1399520%2C1418854%2C1408276%2C1412145%2C1331209%2C1425612

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537417
reference_id	1537417
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537417

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5089

reference_id

CVE-2018-5089

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5089

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

reference_url	https://usn.ubuntu.com/3688-1/
reference_id	USN-3688-1
reference_type
scores
url	https://usn.ubuntu.com/3688-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5089

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hsy2-jvn8-s3gs

url VCID-htrf-wxeh-cyha

vulnerability_id VCID-htrf-wxeh-cyha

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5098.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5098.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5098

reference_id

reference_type

scores

value	0.02935
scoring_system	epss
scoring_elements	0.86426
published_at	2026-04-13T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86389
published_at	2026-04-04T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.8639
published_at	2026-04-07T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86409
published_at	2026-04-08T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86419
published_at	2026-04-09T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86433
published_at	2026-04-11T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86431
published_at	2026-04-12T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86361
published_at	2026-04-01T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86371
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5098

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1399400
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1399400

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537820
reference_id	1537820
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537820

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5098

reference_id

CVE-2018-5098

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5098

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5098

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-htrf-wxeh-cyha

url VCID-j9mh-ug68-jkfm

vulnerability_id VCID-j9mh-ug68-jkfm

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5096.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5096.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5096

reference_id

reference_type

scores

value	0.01564
scoring_system	epss
scoring_elements	0.81504
published_at	2026-04-12T12:55:00Z

value	0.01564
scoring_system	epss
scoring_elements	0.81466
published_at	2026-04-04T12:55:00Z

value	0.01564
scoring_system	epss
scoring_elements	0.81463
published_at	2026-04-07T12:55:00Z

value	0.01564
scoring_system	epss
scoring_elements	0.81491
published_at	2026-04-08T12:55:00Z

value	0.01564
scoring_system	epss
scoring_elements	0.81497
published_at	2026-04-13T12:55:00Z

value	0.01564
scoring_system	epss
scoring_elements	0.81517
published_at	2026-04-11T12:55:00Z

value	0.01564
scoring_system	epss
scoring_elements	0.81434
published_at	2026-04-01T12:55:00Z

value	0.01564
scoring_system	epss
scoring_elements	0.81444
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5096

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1418922
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1418922

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102771
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102771

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537818
reference_id	1537818
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537818

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5096

reference_id

CVE-2018-5096

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5096

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5096

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j9mh-ug68-jkfm

url VCID-m2cy-38ne-87dy

vulnerability_id VCID-m2cy-38ne-87dy

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5117.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5117.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5117

reference_id

reference_type

scores

value	0.02154
scoring_system	epss
scoring_elements	0.84258
published_at	2026-04-13T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84219
published_at	2026-04-04T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.8422
published_at	2026-04-07T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84242
published_at	2026-04-08T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84249
published_at	2026-04-09T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84267
published_at	2026-04-11T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84261
published_at	2026-04-12T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84189
published_at	2026-04-01T12:55:00Z

value	0.02154
scoring_system	epss
scoring_elements	0.84202
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5117

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1395508
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1395508

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537825
reference_id	1537825
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537825

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5117

reference_id

CVE-2018-5117

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5117

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5117

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2cy-38ne-87dy

url VCID-nyhm-tguf-gkat

vulnerability_id VCID-nyhm-tguf-gkat

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5104.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5104.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5104

reference_id

reference_type

scores

value	0.24112
scoring_system	epss
scoring_elements	0.96069
published_at	2026-04-13T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96046
published_at	2026-04-04T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96051
published_at	2026-04-07T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96061
published_at	2026-04-08T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96064
published_at	2026-04-09T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96067
published_at	2026-04-11T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96066
published_at	2026-04-12T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96032
published_at	2026-04-01T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96039
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5104

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1425000
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1425000

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537824
reference_id	1537824
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537824

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5104

reference_id

CVE-2018-5104

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5104

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5104

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nyhm-tguf-gkat

url VCID-rw3y-swwt-2kef

vulnerability_id VCID-rw3y-swwt-2kef

summary

Multiple vulnerabilities have been found in Mozilla Firefox, the
    worst of which may allow execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5091.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5091.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5091

reference_id

reference_type

scores

value	0.02595
scoring_system	epss
scoring_elements	0.85597
published_at	2026-04-13T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.8556
published_at	2026-04-07T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.8558
published_at	2026-04-08T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.8559
published_at	2026-04-09T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85604
published_at	2026-04-11T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85601
published_at	2026-04-12T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85525
published_at	2026-04-01T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85537
published_at	2026-04-02T12:55:00Z

value	0.02595
scoring_system	epss
scoring_elements	0.85554
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5091

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1423086
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1423086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537814
reference_id	1537814
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537814

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5091

reference_id

CVE-2018-5091

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5091

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5091

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rw3y-swwt-2kef

url VCID-saht-cs9w-h7h7

vulnerability_id VCID-saht-cs9w-h7h7

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5095.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5095.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5095

reference_id

reference_type

scores

value	0.02935
scoring_system	epss
scoring_elements	0.86426
published_at	2026-04-13T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86389
published_at	2026-04-04T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.8639
published_at	2026-04-07T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86409
published_at	2026-04-08T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86419
published_at	2026-04-09T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86433
published_at	2026-04-11T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86431
published_at	2026-04-12T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86361
published_at	2026-04-01T12:55:00Z

value	0.02935
scoring_system	epss
scoring_elements	0.86371
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5095

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1418447
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1418447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537817
reference_id	1537817
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537817

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5095

reference_id

CVE-2018-5095

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5095

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5095

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-saht-cs9w-h7h7

url VCID-zh6f-rvv2-sbfu

vulnerability_id VCID-zh6f-rvv2-sbfu

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5102.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5102.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5102

reference_id

reference_type

scores

value	0.24112
scoring_system	epss
scoring_elements	0.96069
published_at	2026-04-13T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96046
published_at	2026-04-04T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96051
published_at	2026-04-07T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96061
published_at	2026-04-08T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96064
published_at	2026-04-09T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96067
published_at	2026-04-11T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96066
published_at	2026-04-12T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96032
published_at	2026-04-01T12:55:00Z

value	0.24112
scoring_system	epss
scoring_elements	0.96039
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5102

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1419363
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1419363

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5089

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5096

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5097

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5098

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5103

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5104

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/01/msg00036.html

reference_url	https://www.debian.org/security/2018/dsa-4096
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4096

reference_url	https://www.debian.org/security/2018/dsa-4102
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4102

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-02/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-02/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-03/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-03/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-04/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-04/

reference_url	http://www.securityfocus.com/bid/102783
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/102783

reference_url	http://www.securitytracker.com/id/1040270
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537822
reference_id	1537822
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537822

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5102

reference_id

CVE-2018-5102

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5102

reference_url	https://security.gentoo.org/glsa/201802-03
reference_id	GLSA-201802-03
reference_type
scores
url	https://security.gentoo.org/glsa/201802-03

reference_url	https://security.gentoo.org/glsa/201803-14
reference_id	GLSA-201803-14
reference_type
scores
url	https://security.gentoo.org/glsa/201803-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_id

mfsa2018-02

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_id

mfsa2018-03

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-03

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_id

mfsa2018-04

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-04

reference_url	https://access.redhat.com/errata/RHSA-2018:0122
reference_id	RHSA-2018:0122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0122

reference_url	https://access.redhat.com/errata/RHSA-2018:0262
reference_id	RHSA-2018:0262
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0262

reference_url	https://usn.ubuntu.com/3529-1/
reference_id	USN-3529-1
reference_type
scores
url	https://usn.ubuntu.com/3529-1/

reference_url	https://usn.ubuntu.com/3544-1/
reference_id	USN-3544-1
reference_type
scores
url	https://usn.ubuntu.com/3544-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/firefox-esr@52.6.0-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2018-5102

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zh6f-rvv2-sbfu

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@52.6.0-r0%3Farch=s390x&distroversion=v3.12&reponame=community

Package Instance