[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2015-7189":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":83,"aliases":84,"duplicate_of":9,"upstream":85,"downstream":86,"duplicates":119,"related":120,"reserved_at":9,"published_at":130,"modified_at":131,"state":132,"summary":133,"references_raw":142,"kevs":234,"epss":235,"epss_history":238,"metrics":482,"affected":487},"CVE-2015-7189","Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via vectors involving a CANVAS element and crafted JavaScript code.",null,[11,68],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],{"_key":69,"id":69,"name":70,"description":71,"type":15,"status":72,"abstraction":17,"likelihood_of_exploit":73,"capec":74},"CWE-362","Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.","Draft","Medium",[75,79],{"id":76,"name":77,"techniques":78},"CAPEC-26","Leveraging Race Conditions",[],{"id":80,"name":81,"techniques":82},"CAPEC-29","Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions",[],[],[],[],[87,89,91,93,95,97,99,101,103,105,107,109,111,113,115,117],{"_key":88},"RHSA-2015:1982",{"_key":90},"RHSA-2015:2519",{"_key":92},"OPENSUSE-SU-2024:10071-1",{"_key":94},"SUSE-SU-2015:1926-1",{"_key":96},"SUSE-SU-2015:1978-1",{"_key":98},"SUSE-SU-2015:1981-1",{"_key":100},"OPENSUSE-SU-2024:10230-1",{"_key":102},"OPENSUSE-SU-2024:14572-1",{"_key":104},"DSA-3393-1",{"_key":106},"DSA-3410-1",{"_key":108},"MGASA-2015-0427",{"_key":110},"MGASA-2015-0447",{"_key":112},"MGASA-2015-0462",{"_key":114},"UBUNTU-CVE-2015-7189",{"_key":116},"USN-2785-1",{"_key":118},"USN-2819-1",[],[121,122,123,124,125,126,127,128,129],{"_key":92},{"_key":94},{"_key":96},{"_key":98},{"_key":100},{"_key":102},{"_key":108},{"_key":110},{"_key":112},"2015-11-05T02:00:00.000Z","2024-08-06T07:43:44.973Z","Modified",{"cisa_kev":134,"cisa_ransomware":134,"cisa_vendor":9,"epss_severity":135,"epss_score":136,"severity":137,"severity_score":138,"severity_version":139,"severity_source":140,"severity_vector":141,"severity_status":132},false,"low",0.03549,"medium",6.8,"v2.0","nvd","AV:N/AC:M/Au:N/C:P/I:P/A:P",[143,150,156,161,166,171,176,180,184,189,194,198,202,206,210,214,218,222,226,230],{"url":144,"sources":145,"tags":147},"http://www.securitytracker.com/id/1034069",[146,140],"cve.org",[148,149],"VDB Entry","X Refsource SECTRACK",{"url":151,"sources":152,"tags":153},"http://www.debian.org/security/2015/dsa-3410",[146,140],[154,155],"Vendor Advisory","X Refsource DEBIAN",{"url":157,"sources":158,"tags":159},"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html",[146,140],[154,160],"X Refsource SUSE",{"url":162,"sources":163,"tags":164},"http://www.mozilla.org/security/announce/2015/mfsa2015-123.html",[146,140],[165,154],"X Refsource CONFIRM",{"url":167,"sources":168,"tags":169},"https://security.gentoo.org/glsa/201512-10",[146,140],[154,170],"X Refsource GENTOO",{"url":172,"sources":173,"tags":174},"http://www.securityfocus.com/bid/77411",[146,140],[148,175],"X Refsource BID",{"url":177,"sources":178,"tags":179},"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html",[146,140],[154,160],{"url":181,"sources":182,"tags":183},"http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html",[146,140],[154,160],{"url":185,"sources":186,"tags":187},"http://rhn.redhat.com/errata/RHSA-2015-2519.html",[146,140],[154,188],"X Refsource REDHAT",{"url":190,"sources":191,"tags":192},"http://www.ubuntu.com/usn/USN-2785-1",[146,140],[154,193],"X Refsource UBUNTU",{"url":195,"sources":196,"tags":197},"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html",[146,140],[154,160],{"url":199,"sources":200,"tags":201},"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",[146,140],[165],{"url":203,"sources":204,"tags":205},"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",[146,140],[165],{"url":207,"sources":208,"tags":209},"http://rhn.redhat.com/errata/RHSA-2015-1982.html",[146,140],[154,188],{"url":211,"sources":212,"tags":213},"http://www.ubuntu.com/usn/USN-2819-1",[146,140],[154,193],{"url":215,"sources":216,"tags":217},"https://bugzilla.mozilla.org/show_bug.cgi?id=1205900",[146,140],[165],{"url":219,"sources":220,"tags":221},"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html",[146,140],[154,160],{"url":223,"sources":224,"tags":225},"http://www.debian.org/security/2015/dsa-3393",[146,140],[154,155],{"url":227,"sources":228,"tags":229},"http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html",[146,140],[154,160],{"url":231,"sources":232,"tags":233},"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html",[146,140],[154,160],[],{"date":236,"score":136,"percentile":237},"2026-06-04",0.87901,[239,243,246,248,251,254,257,259,262,265,268,271,274,277,279,282,285,288,291,294,297,299,301,303,305,307,310,313,316,319,321,324,326,329,332,335,338,341,344,347,350,353,355,357,360,363,366,368,371,373,376,379,382,384,387,389,392,395,398,401,403,405,408,411,413,415,418,420,423,425,427,429,432,434,437,440,442,445,448,451,454,457,460,463,465,468,470,473,476,479],{"date":240,"score":241,"percentile":242},"2025-11-04",0.03503,0.87093,{"date":244,"score":241,"percentile":245},"2025-11-05",0.87096,{"date":247,"score":241,"percentile":242},"2025-11-06",{"date":249,"score":241,"percentile":250},"2025-11-07",0.871,{"date":252,"score":241,"percentile":253},"2025-11-08",0.87104,{"date":255,"score":241,"percentile":256},"2025-11-09",0.87098,{"date":258,"score":241,"percentile":245},"2025-11-10",{"date":260,"score":241,"percentile":261},"2025-11-11",0.87103,{"date":263,"score":241,"percentile":264},"2025-11-12",0.87109,{"date":266,"score":241,"percentile":267},"2025-11-13",0.87113,{"date":269,"score":241,"percentile":270},"2025-11-14",0.87116,{"date":272,"score":241,"percentile":273},"2025-11-15",0.8711,{"date":275,"score":241,"percentile":276},"2025-11-16",0.87114,{"date":278,"score":241,"percentile":264},"2025-11-17",{"date":280,"score":241,"percentile":281},"2025-11-18",0.86406,{"date":283,"score":241,"percentile":284},"2025-11-19",0.86407,{"date":286,"score":241,"percentile":287},"2025-11-20",0.86409,{"date":289,"score":241,"percentile":290},"2025-11-21",0.8712,{"date":292,"score":241,"percentile":293},"2025-11-22",0.87115,{"date":295,"score":241,"percentile":296},"2025-11-23",0.87112,{"date":298,"score":241,"percentile":267},"2025-11-24",{"date":300,"score":241,"percentile":267},"2025-11-25",{"date":302,"score":241,"percentile":296},"2025-11-26",{"date":304,"score":241,"percentile":276},"2025-11-27",{"date":306,"score":241,"percentile":253},"2025-11-28",{"date":308,"score":241,"percentile":309},"2025-11-29",0.87178,{"date":311,"score":241,"percentile":312},"2025-11-30",0.87177,{"date":314,"score":241,"percentile":315},"2025-12-01",0.8724,{"date":317,"score":241,"percentile":318},"2025-12-02",0.87241,{"date":320,"score":241,"percentile":315},"2025-12-03",{"date":322,"score":241,"percentile":323},"2025-12-04",0.87174,{"date":325,"score":241,"percentile":312},"2025-12-05",{"date":327,"score":241,"percentile":328},"2025-12-06",0.87176,{"date":330,"score":241,"percentile":331},"2025-12-07",0.87169,{"date":333,"score":241,"percentile":334},"2025-12-08",0.87171,{"date":336,"score":241,"percentile":337},"2025-12-09",0.87183,{"date":339,"score":241,"percentile":340},"2025-12-10",0.872,{"date":342,"score":241,"percentile":343},"2025-12-11",0.87206,{"date":345,"score":241,"percentile":346},"2025-12-12",0.87211,{"date":348,"score":241,"percentile":349},"2025-12-13",0.87209,{"date":351,"score":241,"percentile":352},"2025-12-14",0.87203,{"date":354,"score":241,"percentile":352},"2025-12-15",{"date":356,"score":241,"percentile":346},"2025-12-16",{"date":358,"score":241,"percentile":359},"2025-12-17",0.87215,{"date":361,"score":241,"percentile":362},"2025-12-18",0.87223,{"date":364,"score":241,"percentile":365},"2025-12-19",0.87225,{"date":367,"score":241,"percentile":362},"2025-12-20",{"date":369,"score":241,"percentile":370},"2025-12-21",0.87224,{"date":372,"score":241,"percentile":365},"2025-12-22",{"date":374,"score":241,"percentile":375},"2025-12-23",0.87226,{"date":377,"score":241,"percentile":378},"2025-12-24",0.87233,{"date":380,"score":241,"percentile":381},"2025-12-25",0.87246,{"date":383,"score":241,"percentile":381},"2025-12-26",{"date":385,"score":241,"percentile":386},"2025-12-27",0.87293,{"date":388,"score":241,"percentile":318},"2025-12-28",{"date":390,"score":241,"percentile":391},"2025-12-29",0.87235,{"date":393,"score":241,"percentile":394},"2025-12-30",0.87243,{"date":396,"score":241,"percentile":397},"2025-12-31",0.87254,{"date":399,"score":241,"percentile":400},"2026-01-01",0.87313,{"date":402,"score":241,"percentile":400},"2026-01-02",{"date":404,"score":241,"percentile":400},"2026-01-03",{"date":406,"score":241,"percentile":407},"2026-01-04",0.87248,{"date":409,"score":241,"percentile":410},"2026-01-05",0.87244,{"date":412,"score":241,"percentile":381},"2026-01-06",{"date":414,"score":241,"percentile":381},"2026-01-07",{"date":416,"score":241,"percentile":417},"2026-01-08",0.87253,{"date":419,"score":241,"percentile":417},"2026-01-09",{"date":421,"score":241,"percentile":422},"2026-01-10",0.87255,{"date":424,"score":241,"percentile":407},"2026-01-11",{"date":426,"score":241,"percentile":381},"2026-01-12",{"date":428,"score":241,"percentile":410},"2026-01-13",{"date":430,"score":241,"percentile":431},"2026-01-14",0.87256,{"date":433,"score":241,"percentile":397},"2026-01-15",{"date":435,"score":241,"percentile":436},"2026-01-16",0.87261,{"date":438,"score":241,"percentile":439},"2026-01-17",0.87262,{"date":441,"score":241,"percentile":436},"2026-01-18",{"date":443,"score":241,"percentile":444},"2026-01-19",0.87259,{"date":446,"score":241,"percentile":447},"2026-01-20",0.87258,{"date":449,"score":241,"percentile":450},"2026-01-21",0.8726,{"date":452,"score":241,"percentile":453},"2026-01-22",0.87265,{"date":455,"score":241,"percentile":456},"2026-01-23",0.87275,{"date":458,"score":241,"percentile":459},"2026-01-24",0.87284,{"date":461,"score":241,"percentile":462},"2026-01-25",0.8728,{"date":464,"score":241,"percentile":462},"2026-01-26",{"date":466,"score":241,"percentile":467},"2026-01-27",0.87281,{"date":469,"score":241,"percentile":459},"2026-01-28",{"date":471,"score":241,"percentile":472},"2026-01-29",0.87288,{"date":474,"score":241,"percentile":475},"2026-01-30",0.8729,{"date":477,"score":241,"percentile":478},"2026-01-31",0.87289,{"date":480,"score":241,"percentile":481},"2026-02-01",0.87357,[483],{"source":140,"cvss_v2_0":484,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":138,"baseSeverity":9,"vectorString":141,"impactScore":485,"exploitabilityScore":486},6.4,8.6,[488],{"ecosystem":9,"name":489,"vendor":490,"product":491,"cpe_part":492,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":493},"Firefox","mozilla","firefox","a",[494,497,499,501,503,505,507,509,511],{"version":495,"is_range":134,"range_type":496,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0","cpe",{"version":498,"is_range":134,"range_type":496,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0.1",{"version":500,"is_range":134,"range_type":496,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.0.5",{"version":502,"is_range":134,"range_type":496,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.1.0",{"version":504,"is_range":134,"range_type":496,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.1.1",{"version":506,"is_range":134,"range_type":496,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.2.0",{"version":508,"is_range":134,"range_type":496,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.2.1",{"version":510,"is_range":134,"range_type":496,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"38.3.0",{"version":512,"is_range":513,"range_type":496,"version_start":9,"version_start_type":9,"version_end":514,"version_end_type":515,"fixed_in":9},"lte41.0.2",true,"41.0.2","including"]