[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2015-0807":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":36,"aliases":37,"duplicate_of":9,"upstream":38,"downstream":39,"duplicates":68,"related":69,"reserved_at":9,"published_at":77,"modified_at":78,"state":79,"summary":80,"references_raw":89,"kevs":169,"epss":170,"epss_history":173,"metrics":437,"affected":442},"CVE-2015-0807","The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 processes HTTP 30x status codes for redirects after a preflight request has occurred, which allows remote attackers to bypass intended CORS access-control checks and conduct cross-site request forgery (CSRF) attacks via a crafted web site, a similar issue to CVE-2014-8638.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-352","Cross-Site Request Forgery (CSRF)","The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.","weakness","Stable","Compound","Medium",[20,24,28,32],{"id":21,"name":22,"techniques":23},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":25,"name":26,"techniques":27},"CAPEC-462","Cross-Domain Search Timing",[],{"id":29,"name":30,"techniques":31},"CAPEC-467","Cross Site Identification",[],{"id":33,"name":34,"techniques":35},"CAPEC-62","Cross Site Request Forgery",[],[],[],[],[40,42,44,46,48,50,52,54,56,58,60,62,64,66],{"_key":41},"RHSA-2015:0766",{"_key":43},"RHSA-2015:0771",{"_key":45},"OPENSUSE-SU-2024:10071-1",{"_key":47},"SUSE-SU-2015:0704-1",{"_key":49},"SUSE-SU-2015:0704-2",{"_key":51},"OPENSUSE-SU-2024:10230-1",{"_key":53},"OPENSUSE-SU-2024:14572-1",{"_key":55},"DSA-3211-1",{"_key":57},"DSA-3212-1",{"_key":59},"MGASA-2015-0131",{"_key":61},"MGASA-2015-0342",{"_key":63},"UBUNTU-CVE-2015-0807",{"_key":65},"USN-2550-1",{"_key":67},"USN-2552-1",[],[70,71,72,73,74,75,76],{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":59},{"_key":61},"2015-04-01T10:00:00.000Z","2024-08-06T04:26:10.737Z","Modified",{"cisa_kev":81,"cisa_ransomware":81,"cisa_vendor":9,"epss_severity":82,"epss_score":83,"severity":84,"severity_score":85,"severity_version":86,"severity_source":87,"severity_vector":88,"severity_status":79},false,"low",0.00137,"medium",6.8,"v2.0","nvd","AV:N/AC:M/Au:N/C:P/I:P/A:P",[90,97,102,108,113,118,122,127,132,137,141,145,149,153,157,161,165],{"url":91,"sources":92,"tags":94},"http://www.securityfocus.com/bid/73457",[93,87],"cve.org",[95,96],"VDB Entry","X Refsource BID",{"url":98,"sources":99,"tags":100},"http://www.securitytracker.com/id/1031996",[93,87],[95,101],"X Refsource SECTRACK",{"url":103,"sources":104,"tags":105},"http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html",[93,87],[106,107],"Vendor Advisory","X Refsource SUSE",{"url":109,"sources":110,"tags":111},"https://security.gentoo.org/glsa/201512-10",[93,87],[106,112],"X Refsource GENTOO",{"url":114,"sources":115,"tags":116},"http://www.debian.org/security/2015/dsa-3212",[93,87],[106,117],"X Refsource DEBIAN",{"url":119,"sources":120,"tags":121},"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00006.html",[93,87],[106,107],{"url":123,"sources":124,"tags":125},"http://www.ubuntu.com/usn/USN-2552-1",[93,87],[106,126],"X Refsource UBUNTU",{"url":128,"sources":129,"tags":130},"http://rhn.redhat.com/errata/RHSA-2015-0766.html",[93,87],[106,131],"X Refsource REDHAT",{"url":133,"sources":134,"tags":135},"http://www.mozilla.org/security/announce/2015/mfsa2015-37.html",[93,87],[136,106],"X Refsource CONFIRM",{"url":138,"sources":139,"tags":140},"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",[93,87],[136],{"url":142,"sources":143,"tags":144},"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html",[93,87],[106,107],{"url":146,"sources":147,"tags":148},"https://bugzilla.mozilla.org/show_bug.cgi?id=1111834",[93,87],[136],{"url":150,"sources":151,"tags":152},"http://www.ubuntu.com/usn/USN-2550-1",[93,87],[106,126],{"url":154,"sources":155,"tags":156},"http://www.securitytracker.com/id/1032000",[93,87],[95,101],{"url":158,"sources":159,"tags":160},"http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00003.html",[93,87],[106,107],{"url":162,"sources":163,"tags":164},"http://rhn.redhat.com/errata/RHSA-2015-0771.html",[93,87],[106,131],{"url":166,"sources":167,"tags":168},"http://www.debian.org/security/2015/dsa-3211",[93,87],[106,117],[],{"date":171,"score":83,"percentile":172},"2026-06-05",0.33458,[174,177,180,183,186,189,192,195,198,201,204,207,209,212,215,218,221,224,227,230,233,236,239,242,245,248,251,254,257,260,262,265,267,270,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,327,329,332,335,338,341,344,347,350,353,356,359,362,365,368,371,374,377,380,382,384,386,389,392,395,398,401,404,407,410,413,416,419,422,425,428,431,434],{"date":175,"score":83,"percentile":176},"2025-11-04",0.34316,{"date":178,"score":83,"percentile":179},"2025-11-05",0.34302,{"date":181,"score":83,"percentile":182},"2025-11-06",0.34303,{"date":184,"score":83,"percentile":185},"2025-11-07",0.34321,{"date":187,"score":83,"percentile":188},"2025-11-08",0.34315,{"date":190,"score":83,"percentile":191},"2025-11-09",0.34296,{"date":193,"score":83,"percentile":194},"2025-11-10",0.34245,{"date":196,"score":83,"percentile":197},"2025-11-11",0.34274,{"date":199,"score":83,"percentile":200},"2025-11-12",0.34319,{"date":202,"score":83,"percentile":203},"2025-11-13",0.34337,{"date":205,"score":83,"percentile":206},"2025-11-14",0.34341,{"date":208,"score":83,"percentile":206},"2025-11-15",{"date":210,"score":83,"percentile":211},"2025-11-16",0.34313,{"date":213,"score":83,"percentile":214},"2025-11-17",0.34288,{"date":216,"score":83,"percentile":217},"2025-11-18",0.28224,{"date":219,"score":83,"percentile":220},"2025-11-19",0.28248,{"date":222,"score":83,"percentile":223},"2025-11-20",0.28263,{"date":225,"score":83,"percentile":226},"2025-11-21",0.3432,{"date":228,"score":83,"percentile":229},"2025-11-22",0.34322,{"date":231,"score":83,"percentile":232},"2025-11-23",0.34287,{"date":234,"score":83,"percentile":235},"2025-11-24",0.34262,{"date":237,"score":83,"percentile":238},"2025-11-25",0.34257,{"date":240,"score":83,"percentile":241},"2025-11-26",0.34255,{"date":243,"score":83,"percentile":244},"2025-11-27",0.34265,{"date":246,"score":83,"percentile":247},"2025-11-28",0.34246,{"date":249,"score":83,"percentile":250},"2025-11-29",0.34229,{"date":252,"score":83,"percentile":253},"2025-11-30",0.34209,{"date":255,"score":83,"percentile":256},"2025-12-01",0.3431,{"date":258,"score":83,"percentile":259},"2025-12-02",0.34324,{"date":261,"score":83,"percentile":229},"2025-12-03",{"date":263,"score":83,"percentile":264},"2025-12-04",0.34215,{"date":266,"score":83,"percentile":247},"2025-12-05",{"date":268,"score":83,"percentile":269},"2025-12-06",0.34247,{"date":271,"score":83,"percentile":272},"2025-12-07",0.34223,{"date":274,"score":83,"percentile":275},"2025-12-08",0.34236,{"date":277,"score":83,"percentile":278},"2025-12-09",0.34278,{"date":280,"score":83,"percentile":281},"2025-12-10",0.34328,{"date":283,"score":83,"percentile":284},"2025-12-11",0.3435,{"date":286,"score":83,"percentile":287},"2025-12-12",0.34378,{"date":289,"score":83,"percentile":290},"2025-12-13",0.3436,{"date":292,"score":83,"percentile":293},"2025-12-14",0.34333,{"date":295,"score":83,"percentile":296},"2025-12-15",0.34292,{"date":298,"score":83,"percentile":299},"2025-12-16",0.34318,{"date":301,"score":83,"percentile":302},"2025-12-17",0.3437,{"date":304,"score":83,"percentile":305},"2025-12-18",0.34419,{"date":307,"score":83,"percentile":308},"2025-12-19",0.34441,{"date":310,"score":83,"percentile":311},"2025-12-20",0.34424,{"date":313,"score":83,"percentile":314},"2025-12-21",0.34369,{"date":316,"score":83,"percentile":317},"2025-12-22",0.34339,{"date":319,"score":83,"percentile":320},"2025-12-23",0.34332,{"date":322,"score":83,"percentile":323},"2025-12-24",0.34326,{"date":325,"score":83,"percentile":326},"2025-12-25",0.3439,{"date":328,"score":83,"percentile":314},"2025-12-26",{"date":330,"score":83,"percentile":331},"2025-12-27",0.34385,{"date":333,"score":83,"percentile":334},"2025-12-28",0.34281,{"date":336,"score":83,"percentile":337},"2025-12-29",0.34249,{"date":339,"score":83,"percentile":340},"2025-12-30",0.34238,{"date":342,"score":83,"percentile":343},"2025-12-31",0.34289,{"date":345,"score":83,"percentile":346},"2026-01-01",0.34442,{"date":348,"score":83,"percentile":349},"2026-01-02",0.34435,{"date":351,"score":83,"percentile":352},"2026-01-03",0.3442,{"date":354,"score":83,"percentile":355},"2026-01-04",0.34273,{"date":357,"score":83,"percentile":358},"2026-01-05",0.34253,{"date":360,"score":83,"percentile":361},"2026-01-06",0.34264,{"date":363,"score":83,"percentile":364},"2026-01-07",0.3428,{"date":366,"score":83,"percentile":367},"2026-01-08",0.34307,{"date":369,"score":83,"percentile":370},"2026-01-09",0.34305,{"date":372,"score":83,"percentile":373},"2026-01-10",0.34308,{"date":375,"score":83,"percentile":376},"2026-01-11",0.34286,{"date":378,"score":83,"percentile":379},"2026-01-12",0.3422,{"date":381,"score":83,"percentile":253},"2026-01-13",{"date":383,"score":83,"percentile":247},"2026-01-14",{"date":385,"score":83,"percentile":340},"2026-01-15",{"date":387,"score":83,"percentile":388},"2026-01-16",0.3426,{"date":390,"score":83,"percentile":391},"2026-01-17",0.34244,{"date":393,"score":83,"percentile":394},"2026-01-18",0.34187,{"date":396,"score":83,"percentile":397},"2026-01-19",0.3415,{"date":399,"score":83,"percentile":400},"2026-01-20",0.34133,{"date":402,"score":83,"percentile":403},"2026-01-21",0.341,{"date":405,"score":83,"percentile":406},"2026-01-22",0.34076,{"date":408,"score":83,"percentile":409},"2026-01-23",0.34137,{"date":411,"score":83,"percentile":412},"2026-01-24",0.34146,{"date":414,"score":83,"percentile":415},"2026-01-25",0.34086,{"date":417,"score":83,"percentile":418},"2026-01-26",0.33998,{"date":420,"score":83,"percentile":421},"2026-01-27",0.33991,{"date":423,"score":83,"percentile":424},"2026-01-28",0.33968,{"date":426,"score":83,"percentile":427},"2026-01-29",0.33929,{"date":429,"score":83,"percentile":430},"2026-01-30",0.33915,{"date":432,"score":83,"percentile":433},"2026-01-31",0.33924,{"date":435,"score":83,"percentile":436},"2026-02-01",0.34022,[438],{"source":87,"cvss_v2_0":439,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":85,"baseSeverity":9,"vectorString":88,"impactScore":440,"exploitabilityScore":441},6.4,8.6,[443,466,482],{"ecosystem":9,"name":444,"vendor":9,"product":444,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":445},"Firefox",[446,452,454,456,458,460,462,464],{"version":447,"is_range":448,"range_type":449,"version_start":9,"version_start_type":9,"version_end":450,"version_end_type":451,"fixed_in":9},"lte36.0.4",true,"cpe","36.0.4","including",{"version":453,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.0",{"version":455,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.1.0",{"version":457,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.1.1",{"version":459,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.3.0",{"version":461,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.5.1",{"version":463,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.5.2",{"version":465,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.5.3",{"ecosystem":9,"name":467,"vendor":468,"product":469,"cpe_part":470,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":471},"firefox esr","mozilla","firefox_esr","a",[472,474,476,478,480],{"version":473,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.1",{"version":475,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.2",{"version":477,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.3",{"version":479,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.4",{"version":481,"is_range":81,"range_type":449,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31.5",{"ecosystem":9,"name":483,"vendor":468,"product":484,"cpe_part":470,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":485},"Thunderbird","thunderbird",[486],{"version":487,"is_range":448,"range_type":449,"version_start":9,"version_start_type":9,"version_end":481,"version_end_type":451,"fixed_in":9},"lte31.5"]