VulnerableCode Vulnerability Details

System	Score	Found at
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-5159.html
rhas	Critical	https://access.redhat.com/errata/RHSA-2018:1414
rhas	Critical	https://access.redhat.com/errata/RHSA-2018:1415
rhas	Important	https://access.redhat.com/errata/RHSA-2018:1725
rhas	Important	https://access.redhat.com/errata/RHSA-2018:1726
cvssv3	9.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5159.json
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.12289	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.32920	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.32920	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.32920	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.32920	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.38809	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.39159	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
epss	0.63345	https://api.first.org/data/v1/epss?cve=CVE-2018-5159
rhbs	high	https://bugzilla.redhat.com/show_bug.cgi?id=1576260
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
generic_textual	Low	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
cvssv3.1	8.8	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
generic_textual	HIGH	https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
cvssv2	7.5	https://nvd.nist.gov/vuln/detail/CVE-2018-5159
cvssv3	9.8	https://nvd.nist.gov/vuln/detail/CVE-2018-5159
archlinux	Critical	https://security.archlinux.org/AVG-693
archlinux	Critical	https://security.archlinux.org/AVG-707
cvssv3.1	8.8	https://security.gentoo.org/glsa/201810-01
generic_textual	HIGH	https://security.gentoo.org/glsa/201810-01
generic_textual	Medium	https://ubuntu.com/security/notices/USN-3645-1
generic_textual	Medium	https://ubuntu.com/security/notices/USN-3660-1
cvssv3.1	8.8	https://www.debian.org/security/2018/dsa-4199
generic_textual	HIGH	https://www.debian.org/security/2018/dsa-4199
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2018-11
generic_textual	Medium	https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5159
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2018-12
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2018-13
cvssv3.1	8.8	http://www.securityfocus.com/bid/104136
generic_textual	HIGH	http://www.securityfocus.com/bid/104136
cvssv3.1	8.8	http://www.securitytracker.com/id/1040896
generic_textual	HIGH	http://www.securitytracker.com/id/1040896

System

Score

Found at

generic_textual

Medium

http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-5159.html

rhas

Critical

https://access.redhat.com/errata/RHSA-2018:1414

rhas

Critical

https://access.redhat.com/errata/RHSA-2018:1415

rhas

Important

https://access.redhat.com/errata/RHSA-2018:1725

rhas

Important

https://access.redhat.com/errata/RHSA-2018:1726

cvssv3

9.8

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5159.json

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.12289

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.32920

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.32920

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.32920

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.32920

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.38809

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.39159

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

epss

0.63345

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

rhbs

high

https://bugzilla.redhat.com/show_bug.cgi?id=1576260

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

generic_textual

Low

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

cvssv3.1

8.8

https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

generic_textual

HIGH

https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

cvssv2

7.5

https://nvd.nist.gov/vuln/detail/CVE-2018-5159

cvssv3

9.8

https://nvd.nist.gov/vuln/detail/CVE-2018-5159

archlinux

Critical

https://security.archlinux.org/AVG-693

archlinux

Critical

https://security.archlinux.org/AVG-707

cvssv3.1

8.8

https://security.gentoo.org/glsa/201810-01

generic_textual

HIGH

https://security.gentoo.org/glsa/201810-01

generic_textual

Medium

https://ubuntu.com/security/notices/USN-3645-1

generic_textual

Medium

https://ubuntu.com/security/notices/USN-3660-1

cvssv3.1

8.8

https://www.debian.org/security/2018/dsa-4199

generic_textual

HIGH

https://www.debian.org/security/2018/dsa-4199

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

generic_textual

Medium

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5159

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

cvssv3.1

8.8

http://www.securityfocus.com/bid/104136

generic_textual

HIGH

http://www.securityfocus.com/bid/104136

cvssv3.1

8.8

http://www.securitytracker.com/id/1040896

generic_textual

HIGH

http://www.securitytracker.com/id/1040896

Reference id	Reference type	URL
		http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-5159.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5159.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-5159
		https://bugzilla.mozilla.org/show_bug.cgi?id=1441941
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185
		https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html
		https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
		https://security.gentoo.org/glsa/201810-01
		https://security.gentoo.org/glsa/201811-13
		https://ubuntu.com/security/notices/USN-3645-1
		https://ubuntu.com/security/notices/USN-3660-1
		https://usn.ubuntu.com/3645-1/
		https://usn.ubuntu.com/3660-1/
		https://www.debian.org/security/2018/dsa-4199
		https://www.debian.org/security/2018/dsa-4209
		https://www.exploit-db.com/exploits/44759/
		https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5159
		https://www.mozilla.org/security/advisories/mfsa2018-11/
		https://www.mozilla.org/security/advisories/mfsa2018-12/
		https://www.mozilla.org/security/advisories/mfsa2018-13/
		http://www.securityfocus.com/bid/104136
		http://www.securitytracker.com/id/1040896
1576260		https://bugzilla.redhat.com/show_bug.cgi?id=1576260
ASA-201805-10		https://security.archlinux.org/ASA-201805-10
ASA-201805-21		https://security.archlinux.org/ASA-201805-21
AVG-693		https://security.archlinux.org/AVG-693
AVG-707		https://security.archlinux.org/AVG-707
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:a:mozilla:thunderbird_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr::::::::
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:debian:debian_linux:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
cpe:2.3:o:debian:debian_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
CVE-2018-5159	Exploit	https://bugs.chromium.org/p/project-zero/issues/detail?id=1541
CVE-2018-5159	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/44759.html
CVE-2018-5159		https://nvd.nist.gov/vuln/detail/CVE-2018-5159
mfsa2018-11		https://www.mozilla.org/en-US/security/advisories/mfsa2018-11
mfsa2018-12		https://www.mozilla.org/en-US/security/advisories/mfsa2018-12
mfsa2018-13		https://www.mozilla.org/en-US/security/advisories/mfsa2018-13
RHSA-2018:1414		https://access.redhat.com/errata/RHSA-2018:1414
RHSA-2018:1415		https://access.redhat.com/errata/RHSA-2018:1415
RHSA-2018:1725		https://access.redhat.com/errata/RHSA-2018:1725
RHSA-2018:1726		https://access.redhat.com/errata/RHSA-2018:1726

Reference id

Reference type

URL

http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-5159.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5159.json

https://api.first.org/data/v1/epss?cve=CVE-2018-5159

https://bugzilla.mozilla.org/show_bug.cgi?id=1441941

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5150

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5154

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5155

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5157

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5159

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5161

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5162

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5168

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5170

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5178

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5183

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5184

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5185

https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html

https://security.gentoo.org/glsa/201810-01

https://security.gentoo.org/glsa/201811-13

https://ubuntu.com/security/notices/USN-3645-1

https://ubuntu.com/security/notices/USN-3660-1

https://usn.ubuntu.com/3645-1/

https://usn.ubuntu.com/3660-1/

https://www.debian.org/security/2018/dsa-4199

https://www.debian.org/security/2018/dsa-4209

https://www.exploit-db.com/exploits/44759/

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5159

https://www.mozilla.org/security/advisories/mfsa2018-11/

https://www.mozilla.org/security/advisories/mfsa2018-12/

https://www.mozilla.org/security/advisories/mfsa2018-13/

http://www.securityfocus.com/bid/104136

http://www.securitytracker.com/id/1040896

1576260

https://bugzilla.redhat.com/show_bug.cgi?id=1576260

ASA-201805-10

https://security.archlinux.org/ASA-201805-10

ASA-201805-21

https://security.archlinux.org/ASA-201805-21

AVG-693

https://security.archlinux.org/AVG-693

AVG-707

https://security.archlinux.org/AVG-707

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVE-2018-5159

Exploit

https://bugs.chromium.org/p/project-zero/issues/detail?id=1541

CVE-2018-5159

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/44759.html

CVE-2018-5159

https://nvd.nist.gov/vuln/detail/CVE-2018-5159

mfsa2018-11

https://www.mozilla.org/en-US/security/advisories/mfsa2018-11

mfsa2018-12

https://www.mozilla.org/en-US/security/advisories/mfsa2018-12

mfsa2018-13

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13

RHSA-2018:1414

https://access.redhat.com/errata/RHSA-2018:1414

RHSA-2018:1415

https://access.redhat.com/errata/RHSA-2018:1415

RHSA-2018:1725

https://access.redhat.com/errata/RHSA-2018:1725

RHSA-2018:1726

https://access.redhat.com/errata/RHSA-2018:1726

Data source	Exploit-DB
Date added	May 25, 2018
Description	Skia and Firefox - Integer Overflow in SkTDArray Leading to Out-of-Bounds Write
Ransomware campaign use	Known
Source publication date	May 25, 2018
Exploit type	dos
Platform	multiple
Source update date	May 25, 2018
Source URL	https://bugs.chromium.org/p/project-zero/issues/detail?id=1541

Exploit-DB

May 25, 2018

Skia and Firefox - Integer Overflow in SkTDArray Leading to Out-of-Bounds Write

Known

May 25, 2018

dos

multiple

May 25, 2018

https://bugs.chromium.org/p/project-zero/issues/detail?id=1541

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5159.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2018-5159

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-5159

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/201810-01

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://www.debian.org/security/2018/dsa-4199

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.securityfocus.com/bid/104136

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.securitytracker.com/id/1040896

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-pdp7-y8vf-aaam
Aliases	CVE-2018-5159
Summary	An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.
Status	Published
Exploitability	2.0
Weighted Severity	9.0
Risk	10.0
Affected and Fixed Packages	Package Details

CWE-787	Out-of-bounds Write
CWE-190	Integer Overflow or Wraparound
CWE-120	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Percentile	0.95561
EPSS Score	0.12289
Published At	Nov. 1, 2024, midnight