{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2548?format=json","vulnerability_id":"VCID-dbs5-bx31-g7cn","summary":"An upgrade in the XML parser introduced a bug that could read\nbeyond the end of the buffer, often causing a crash. We don't know if\nthis could be exploited to incorporate private data into the DOM of an\nXML document, but could be a privacy risk if so. Firefox 1.0, Thunderbird 1.0\nand Mozilla Suite 1.7 are not affected.Update (13 April 2006)\nThis flaw has been fixed in Thunderbird 1.5.0.2","aliases":[{"alias":"CVE-2006-0298"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/94469?format=json","purl":"pkg:deb/debian/firefox@1.5.dfsg%2B1.5.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@1.5.dfsg%252B1.5.0.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/94464?format=json","purl":"pkg:deb/debian/firefox@151.0.3-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@151.0.3-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/130940?format=json","purl":"pkg:deb/debian/thunderbird@1.5.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1.5.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/130941?format=json","purl":"pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:115.12.0-1~deb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/130939?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/130943?format=json","purl":"pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.10.1esr-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/130942?format=json","purl":"pkg:deb/debian/thunderbird@1:140.11.0esr-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/thunderbird@1:140.11.0esr-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1105?format=json","purl":"pkg:mozilla/SeaMonkey@1.0.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.0"}],"affected_packages":[],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0298","reference_id":"","reference_type":"","scores":[{"value":"0.04351","scoring_system":"epss","scoring_elements":"0.89124","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04351","scoring_system":"epss","scoring_elements":"0.8914","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0298"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351442","reference_id":"351442","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351442"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0298","reference_id":"CVE-2006-0298","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0298"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2006-07","reference_id":"mfsa2006-07","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2006-07"}],"weaknesses":[],"exploits":[],"severity_range_score":"0.1 - 3","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dbs5-bx31-g7cn"}