[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2015-4475":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":94,"related":95,"reserved_at":9,"published_at":103,"modified_at":104,"state":105,"summary":106,"references_raw":115,"kevs":194,"epss":195,"epss_history":198,"metrics":456,"affected":461},"CVE-2015-4475","The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a malformed file.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92],{"_key":73},"SUSE-SU-2015:1528-1",{"_key":75},"RHSA-2015:1586",{"_key":77},"OPENSUSE-SU-2024:10071-1",{"_key":79},"SUSE-SU-2015:1449-1",{"_key":81},"SUSE-SU-2015:1476-1",{"_key":83},"OPENSUSE-SU-2024:10230-1",{"_key":85},"OPENSUSE-SU-2024:14572-1",{"_key":87},"DSA-3333-1",{"_key":89},"MGASA-2015-0312",{"_key":91},"UBUNTU-CVE-2015-4475",{"_key":93},"USN-2702-1",[],[96,97,98,99,100,101,102],{"_key":73},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":89},"2015-08-16T01:00:00.000Z","2024-08-06T06:18:11.081Z","Modified",{"cisa_kev":107,"cisa_ransomware":107,"cisa_vendor":9,"epss_severity":108,"epss_score":109,"severity":110,"severity_score":111,"severity_version":112,"severity_source":113,"severity_vector":114,"severity_status":105},false,"low",0.01051,"high",7.5,"v2.0","nvd","AV:N/AC:L/Au:N/C:P/I:P/A:P",[116,123,127,132,137,141,145,150,156,160,164,169,173,177,181,186,190],{"url":117,"sources":118,"tags":120},"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html",[119,113],"cve.org",[121,122],"Vendor Advisory","X Refsource SUSE",{"url":124,"sources":125,"tags":126},"http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html",[119,113],[121,122],{"url":128,"sources":129,"tags":130},"http://www.ubuntu.com/usn/USN-2702-3",[119,113],[121,131],"X Refsource UBUNTU",{"url":133,"sources":134,"tags":135},"https://bugzilla.mozilla.org/show_bug.cgi?id=1175396",[119,113],[136],"X Refsource CONFIRM",{"url":138,"sources":139,"tags":140},"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html",[119,113],[121,122],{"url":142,"sources":143,"tags":144},"http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html",[119,113],[121,122],{"url":146,"sources":147,"tags":148},"http://rhn.redhat.com/errata/RHSA-2015-1586.html",[119,113],[121,149],"X Refsource REDHAT",{"url":151,"sources":152,"tags":153},"http://www.securityfocus.com/bid/76294",[119,113],[154,155],"VDB Entry","X Refsource BID",{"url":157,"sources":158,"tags":159},"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",[119,113],[136],{"url":161,"sources":162,"tags":163},"http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html",[119,113],[121,122],{"url":165,"sources":166,"tags":167},"http://www.securitytracker.com/id/1033247",[119,113],[154,168],"X Refsource SECTRACK",{"url":170,"sources":171,"tags":172},"http://www.ubuntu.com/usn/USN-2702-2",[119,113],[121,131],{"url":174,"sources":175,"tags":176},"http://www.mozilla.org/security/announce/2015/mfsa2015-80.html",[119,113],[136,121],{"url":178,"sources":179,"tags":180},"http://www.ubuntu.com/usn/USN-2702-1",[119,113],[121,131],{"url":182,"sources":183,"tags":184},"https://security.gentoo.org/glsa/201605-06",[119,113],[121,185],"X Refsource GENTOO",{"url":187,"sources":188,"tags":189},"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html",[119,113],[121,122],{"url":191,"sources":192,"tags":193},"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html",[119,113],[121,122],[],{"date":196,"score":109,"percentile":197},"2026-06-04",0.77895,[199,203,206,209,212,215,218,221,223,226,229,232,235,238,240,243,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,290,292,295,297,300,303,306,309,312,314,317,320,323,326,329,332,335,337,339,342,345,348,351,354,357,360,362,365,368,371,374,377,380,383,386,389,392,395,398,401,403,406,408,411,414,417,420,422,425,428,431,434,437,440,443,446,448,450,453],{"date":200,"score":201,"percentile":202},"2025-11-04",0.01248,0.78647,{"date":204,"score":201,"percentile":205},"2025-11-05",0.78645,{"date":207,"score":201,"percentile":208},"2025-11-06",0.78641,{"date":210,"score":201,"percentile":211},"2025-11-07",0.78655,{"date":213,"score":201,"percentile":214},"2025-11-08",0.78661,{"date":216,"score":201,"percentile":217},"2025-11-09",0.78657,{"date":219,"score":201,"percentile":220},"2025-11-10",0.78643,{"date":222,"score":201,"percentile":202},"2025-11-11",{"date":224,"score":201,"percentile":225},"2025-11-12",0.78663,{"date":227,"score":201,"percentile":228},"2025-11-13",0.78672,{"date":230,"score":201,"percentile":231},"2025-11-14",0.78679,{"date":233,"score":201,"percentile":234},"2025-11-15",0.78677,{"date":236,"score":201,"percentile":237},"2025-11-16",0.78678,{"date":239,"score":201,"percentile":228},"2025-11-17",{"date":241,"score":201,"percentile":242},"2025-11-18",0.77535,{"date":244,"score":201,"percentile":245},"2025-11-19",0.77543,{"date":247,"score":201,"percentile":248},"2025-11-20",0.77554,{"date":250,"score":201,"percentile":251},"2025-11-21",0.78703,{"date":253,"score":201,"percentile":254},"2025-11-22",0.78705,{"date":256,"score":201,"percentile":257},"2025-11-23",0.78694,{"date":259,"score":201,"percentile":260},"2025-11-24",0.78692,{"date":262,"score":201,"percentile":263},"2025-11-25",0.78697,{"date":265,"score":201,"percentile":266},"2025-11-26",0.787,{"date":268,"score":201,"percentile":269},"2025-11-27",0.78704,{"date":271,"score":201,"percentile":272},"2025-11-28",0.78696,{"date":274,"score":201,"percentile":275},"2025-11-29",0.78701,{"date":277,"score":201,"percentile":278},"2025-11-30",0.78702,{"date":280,"score":201,"percentile":281},"2025-12-01",0.78794,{"date":283,"score":201,"percentile":284},"2025-12-02",0.78795,{"date":286,"score":201,"percentile":287},"2025-12-03",0.78792,{"date":289,"score":201,"percentile":272},"2025-12-04",{"date":291,"score":201,"percentile":251},"2025-12-05",{"date":293,"score":201,"percentile":294},"2025-12-06",0.78706,{"date":296,"score":201,"percentile":251},"2025-12-07",{"date":298,"score":201,"percentile":299},"2025-12-08",0.78707,{"date":301,"score":201,"percentile":302},"2025-12-09",0.78725,{"date":304,"score":201,"percentile":305},"2025-12-10",0.78748,{"date":307,"score":201,"percentile":308},"2025-12-11",0.78763,{"date":310,"score":201,"percentile":311},"2025-12-12",0.78784,{"date":313,"score":201,"percentile":311},"2025-12-13",{"date":315,"score":201,"percentile":316},"2025-12-14",0.78782,{"date":318,"score":201,"percentile":319},"2025-12-15",0.78781,{"date":321,"score":201,"percentile":322},"2025-12-16",0.78793,{"date":324,"score":201,"percentile":325},"2025-12-17",0.78801,{"date":327,"score":201,"percentile":328},"2025-12-18",0.78819,{"date":330,"score":201,"percentile":331},"2025-12-19",0.7883,{"date":333,"score":201,"percentile":334},"2025-12-20",0.78826,{"date":336,"score":201,"percentile":328},"2025-12-21",{"date":338,"score":201,"percentile":328},"2025-12-22",{"date":340,"score":201,"percentile":341},"2025-12-23",0.7882,{"date":343,"score":201,"percentile":344},"2025-12-24",0.78831,{"date":346,"score":201,"percentile":347},"2025-12-25",0.78851,{"date":349,"score":201,"percentile":350},"2025-12-26",0.78848,{"date":352,"score":109,"percentile":353},"2025-12-27",0.77093,{"date":355,"score":201,"percentile":356},"2025-12-28",0.78838,{"date":358,"score":201,"percentile":359},"2025-12-29",0.78832,{"date":361,"score":201,"percentile":356},"2025-12-30",{"date":363,"score":201,"percentile":364},"2025-12-31",0.78855,{"date":366,"score":201,"percentile":367},"2026-01-01",0.78955,{"date":369,"score":201,"percentile":370},"2026-01-02",0.78954,{"date":372,"score":201,"percentile":373},"2026-01-03",0.78948,{"date":375,"score":201,"percentile":376},"2026-01-04",0.78847,{"date":378,"score":201,"percentile":379},"2026-01-05",0.78843,{"date":381,"score":201,"percentile":382},"2026-01-06",0.78849,{"date":384,"score":201,"percentile":385},"2026-01-07",0.78857,{"date":387,"score":201,"percentile":388},"2026-01-08",0.78864,{"date":390,"score":201,"percentile":391},"2026-01-09",0.78866,{"date":393,"score":201,"percentile":394},"2026-01-10",0.78869,{"date":396,"score":201,"percentile":397},"2026-01-11",0.78862,{"date":399,"score":201,"percentile":400},"2026-01-12",0.78852,{"date":402,"score":201,"percentile":376},"2026-01-13",{"date":404,"score":201,"percentile":405},"2026-01-14",0.78868,{"date":407,"score":201,"percentile":394},"2026-01-15",{"date":409,"score":201,"percentile":410},"2026-01-16",0.78875,{"date":412,"score":201,"percentile":413},"2026-01-17",0.78883,{"date":415,"score":201,"percentile":416},"2026-01-18",0.78879,{"date":418,"score":201,"percentile":419},"2026-01-19",0.78876,{"date":421,"score":201,"percentile":410},"2026-01-20",{"date":423,"score":201,"percentile":424},"2026-01-21",0.78881,{"date":426,"score":201,"percentile":427},"2026-01-22",0.7889,{"date":429,"score":201,"percentile":430},"2026-01-23",0.78917,{"date":432,"score":201,"percentile":433},"2026-01-24",0.78928,{"date":435,"score":201,"percentile":436},"2026-01-25",0.78921,{"date":438,"score":201,"percentile":439},"2026-01-26",0.78918,{"date":441,"score":201,"percentile":442},"2026-01-27",0.7892,{"date":444,"score":201,"percentile":445},"2026-01-28",0.78922,{"date":447,"score":201,"percentile":430},"2026-01-29",{"date":449,"score":201,"percentile":442},"2026-01-30",{"date":451,"score":201,"percentile":452},"2026-01-31",0.78923,{"date":454,"score":201,"percentile":455},"2026-02-01",0.79022,[457],{"source":113,"cvss_v2_0":458,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":111,"baseSeverity":9,"vectorString":114,"impactScore":459,"exploitabilityScore":460},6.4,10,[462,475,494],{"ecosystem":9,"name":463,"vendor":464,"product":465,"cpe_part":466,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":467},"ubuntu linux","canonical","ubuntu_linux","o",[468,471,473],{"version":469,"is_range":107,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":472,"is_range":107,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04",{"version":474,"is_range":107,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.04",{"ecosystem":9,"name":476,"vendor":477,"product":478,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":480},"Firefox","mozilla","firefox","a",[481,486,488,490,492],{"version":482,"is_range":483,"range_type":470,"version_start":9,"version_start_type":9,"version_end":484,"version_end_type":485,"fixed_in":9},"lte39.0.3",true,"39.0.3","including",{"version":487,"is_range":107,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0",{"version":489,"is_range":107,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0.1",{"version":491,"is_range":107,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0.5",{"version":493,"is_range":107,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.1.0",{"ecosystem":9,"name":495,"vendor":495,"product":495,"cpe_part":466,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":496},"opensuse",[497,499],{"version":498,"is_range":107,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.1",{"version":500,"is_range":107,"range_type":470,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"13.2"]