{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1407?format=json","vulnerability_id":"VCID-j2t7-a23g-zqf8","summary":"A buffer overflow can occur when manipulating the SVG animatedPathSegList through script. This results in a potentially exploitable crash.","aliases":[{"alias":"CVE-2018-5127"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1794?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.7.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.7.0-1"},{"url":"http://public2.vulnerablecode.io/api/packages/786?format=json","purl":"pkg:mozilla/Firefox@59.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@59.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/759?format=json","purl":"pkg:mozilla/Firefox%20ESR@52.7.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox%2520ESR@52.7.0"},{"url":"http://public2.vulnerablecode.io/api/packages/768?format=json","purl":"pkg:mozilla/Thunderbird@52.7.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@52.7.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1793?format=json","purl":"pkg:alpm/archlinux/thunderbird@52.6.0-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1vcg-jqmc-hbgv"},{"vulnerability":"VCID-hv3z-93zn-ebhp"},{"vulnerability":"VCID-j2t7-a23g-zqf8"},{"vulnerability":"VCID-mgns-xhb9-cuc3"},{"vulnerability":"VCID-yw14-7xmq-g3e6"},{"vulnerability":"VCID-zuwx-k59j-zqap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/thunderbird@52.6.0-2"}],"references":[{"reference_url":"https://security.archlinux.org/ASA-201803-22","reference_id":"ASA-201803-22","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-22"},{"reference_url":"https://security.archlinux.org/AVG-663","reference_id":"AVG-663","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-663"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-06","reference_id":"mfsa2018-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-07","reference_id":"mfsa2018-07","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-09","reference_id":"mfsa2018-09","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2018-09"}],"weaknesses":[],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2t7-a23g-zqf8"}