[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-12364":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T08:55:34.825Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":36,"aliases":37,"duplicate_of":9,"upstream":38,"downstream":39,"duplicates":94,"related":95,"reserved_at":9,"published_at":111,"modified_at":112,"state":113,"summary":114,"references_raw":123,"kevs":219,"epss":220,"epss_history":223,"metrics":478,"affected":489},"CVE-2018-12364","NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird \u003C 60, Thunderbird \u003C 52.9, Firefox ESR \u003C 60.1, Firefox ESR \u003C 52.9, and Firefox \u003C 61.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-352","Cross-Site Request Forgery (CSRF)","The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.","weakness","Stable","Compound","Medium",[20,24,28,32],{"id":21,"name":22,"techniques":23},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":25,"name":26,"techniques":27},"CAPEC-462","Cross-Domain Search Timing",[],{"id":29,"name":30,"techniques":31},"CAPEC-467","Cross Site Identification",[],{"id":33,"name":34,"techniques":35},"CAPEC-62","Cross Site Request Forgery",[],[],[],[],[40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92],{"_key":41},"RHSA-2018:2112",{"_key":43},"RHSA-2018:2113",{"_key":45},"RHSA-2018:2251",{"_key":47},"RHSA-2018:2252",{"_key":49},"OPENSUSE-SU-2024:10601-1",{"_key":51},"SUSE-SU-2018:2174-1",{"_key":53},"SUSE-SU-2018:2298-1",{"_key":55},"SUSE-SU-2018:2322-1",{"_key":57},"SUSE-SU-2018:2322-2",{"_key":59},"SUSE-SU-2018:2325-1",{"_key":61},"SUSE-SU-2018:3247-1",{"_key":63},"OPENSUSE-SU-2018:2807-1",{"_key":65},"OPENSUSE-SU-2018:3687-1",{"_key":67},"OPENSUSE-SU-2024:10600-1",{"_key":69},"OPENSUSE-SU-2024:14572-1",{"_key":71},"DLA-1406-1",{"_key":73},"DLA-1425-1",{"_key":75},"DSA-4235-1",{"_key":77},"DSA-4244-1",{"_key":79},"MGASA-2018-0305",{"_key":81},"MGASA-2018-0316",{"_key":83},"MGASA-2018-0321",{"_key":85},"MGASA-2018-0480",{"_key":87},"UBUNTU-CVE-2018-12364",{"_key":89},"USN-3705-1",{"_key":91},"USN-3714-1",{"_key":93},"DEBIAN-CVE-2018-12364",[],[96,97,98,99,100,101,102,103,104,105,106,107,108,109,110],{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":79},{"_key":81},{"_key":83},{"_key":85},"2018-10-18T13:00:00.000Z","2024-08-05T08:31:00.279Z","Modified",{"cisa_kev":115,"cisa_ransomware":115,"cisa_vendor":9,"epss_severity":116,"epss_score":117,"severity":118,"severity_score":119,"severity_version":120,"severity_source":121,"severity_vector":122,"severity_status":113},false,"low",0.02537,"high",8.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",[124,132,137,142,146,151,155,159,163,167,173,178,182,186,192,196,202,206,211,215],{"url":125,"sources":126,"tags":128},"https://security.gentoo.org/glsa/201810-01",[127,121],"cve.org",[129,130,131],"Vendor Advisory","X Refsource GENTOO","Third Party Advisory",{"url":133,"sources":134,"tags":135},"https://www.mozilla.org/security/advisories/mfsa2018-15/",[127,121],[136,129],"X Refsource CONFIRM",{"url":138,"sources":139,"tags":140},"https://access.redhat.com/errata/RHSA-2018:2112",[127,121],[129,141,131],"X Refsource REDHAT",{"url":143,"sources":144,"tags":145},"https://security.gentoo.org/glsa/201811-13",[127,121],[129,130,131],{"url":147,"sources":148,"tags":149},"https://www.debian.org/security/2018/dsa-4235",[127,121],[129,150,131],"X Refsource DEBIAN",{"url":152,"sources":153,"tags":154},"https://www.mozilla.org/security/advisories/mfsa2018-18/",[127,121],[136,129],{"url":156,"sources":157,"tags":158},"https://access.redhat.com/errata/RHSA-2018:2113",[127,121],[129,141,131],{"url":160,"sources":161,"tags":162},"https://www.mozilla.org/security/advisories/mfsa2018-16/",[127,121],[136,129],{"url":164,"sources":165,"tags":166},"https://www.debian.org/security/2018/dsa-4244",[127,121],[129,150,131],{"url":168,"sources":169,"tags":170},"http://www.securityfocus.com/bid/104560",[127,121],[171,172,131],"VDB Entry","X Refsource BID",{"url":174,"sources":175,"tags":176},"http://www.securitytracker.com/id/1041193",[127,121],[171,177,131],"X Refsource SECTRACK",{"url":179,"sources":180,"tags":181},"https://www.mozilla.org/security/advisories/mfsa2018-19/",[127,121],[136,129],{"url":183,"sources":184,"tags":185},"https://access.redhat.com/errata/RHSA-2018:2252",[127,121],[129,141,131],{"url":187,"sources":188,"tags":189},"https://bugzilla.mozilla.org/show_bug.cgi?id=1436241",[127,121],[136,190,191,129],"Issue Tracking","Permissions Required",{"url":193,"sources":194,"tags":195},"https://www.mozilla.org/security/advisories/mfsa2018-17/",[127,121],[136,129],{"url":197,"sources":198,"tags":199},"https://lists.debian.org/debian-lts-announce/2018/07/msg00013.html",[127,121],[200,201,131],"Mailing List","X Refsource MLIST",{"url":203,"sources":204,"tags":205},"https://access.redhat.com/errata/RHSA-2018:2251",[127,121],[129,141,131],{"url":207,"sources":208,"tags":209},"https://usn.ubuntu.com/3705-1/",[127,121],[129,210,131],"X Refsource UBUNTU",{"url":212,"sources":213,"tags":214},"https://usn.ubuntu.com/3714-1/",[127,121],[129,210,131],{"url":216,"sources":217,"tags":218},"https://lists.debian.org/debian-lts-announce/2018/06/msg00014.html",[127,121],[200,201,131],[],{"date":221,"score":117,"percentile":222},"2026-06-05",0.85751,[224,228,231,234,237,240,243,245,248,251,254,257,260,263,266,270,273,275,278,281,284,287,289,291,294,297,300,302,305,308,311,313,316,319,322,324,327,330,333,336,339,342,344,346,349,352,355,358,360,363,366,369,371,374,378,381,384,387,390,393,395,398,400,403,406,408,411,414,417,420,422,425,427,430,433,436,439,441,443,446,449,452,455,458,461,463,466,469,472,475],{"date":225,"score":226,"percentile":227},"2025-11-04",0.0267,0.8527,{"date":229,"score":226,"percentile":230},"2025-11-05",0.85274,{"date":232,"score":226,"percentile":233},"2025-11-06",0.85277,{"date":235,"score":226,"percentile":236},"2025-11-07",0.85284,{"date":238,"score":226,"percentile":239},"2025-11-08",0.85288,{"date":241,"score":226,"percentile":242},"2025-11-09",0.85283,{"date":244,"score":226,"percentile":233},"2025-11-10",{"date":246,"score":226,"percentile":247},"2025-11-11",0.85282,{"date":249,"score":226,"percentile":250},"2025-11-12",0.85293,{"date":252,"score":226,"percentile":253},"2025-11-13",0.85301,{"date":255,"score":226,"percentile":256},"2025-11-14",0.85303,{"date":258,"score":226,"percentile":259},"2025-11-15",0.85296,{"date":261,"score":226,"percentile":262},"2025-11-16",0.85295,{"date":264,"score":226,"percentile":265},"2025-11-17",0.85281,{"date":267,"score":268,"percentile":269},"2025-11-18",0.00589,0.66627,{"date":271,"score":268,"percentile":272},"2025-11-19",0.66634,{"date":274,"score":268,"percentile":269},"2025-11-20",{"date":276,"score":226,"percentile":277},"2025-11-21",0.85298,{"date":279,"score":226,"percentile":280},"2025-11-22",0.85294,{"date":282,"score":226,"percentile":283},"2025-11-23",0.85285,{"date":285,"score":226,"percentile":286},"2025-11-24",0.85286,{"date":288,"score":226,"percentile":242},"2025-11-25",{"date":290,"score":226,"percentile":286},"2025-11-26",{"date":292,"score":226,"percentile":293},"2025-11-27",0.85287,{"date":295,"score":226,"percentile":296},"2025-11-28",0.85268,{"date":298,"score":226,"percentile":299},"2025-11-29",0.85313,{"date":301,"score":226,"percentile":299},"2025-11-30",{"date":303,"score":226,"percentile":304},"2025-12-01",0.85373,{"date":306,"score":226,"percentile":307},"2025-12-02",0.85377,{"date":309,"score":226,"percentile":310},"2025-12-03",0.85378,{"date":312,"score":226,"percentile":299},"2025-12-04",{"date":314,"score":226,"percentile":315},"2025-12-05",0.85317,{"date":317,"score":226,"percentile":318},"2025-12-06",0.85314,{"date":320,"score":226,"percentile":321},"2025-12-07",0.85302,{"date":323,"score":226,"percentile":256},"2025-12-08",{"date":325,"score":226,"percentile":326},"2025-12-09",0.8531,{"date":328,"score":226,"percentile":329},"2025-12-10",0.85333,{"date":331,"score":226,"percentile":332},"2025-12-11",0.85339,{"date":334,"score":226,"percentile":335},"2025-12-12",0.85344,{"date":337,"score":226,"percentile":338},"2025-12-13",0.8534,{"date":340,"score":226,"percentile":341},"2025-12-14",0.85337,{"date":343,"score":226,"percentile":329},"2025-12-15",{"date":345,"score":226,"percentile":332},"2025-12-16",{"date":347,"score":226,"percentile":348},"2025-12-17",0.85343,{"date":350,"score":226,"percentile":351},"2025-12-18",0.85348,{"date":353,"score":226,"percentile":354},"2025-12-19",0.85352,{"date":356,"score":226,"percentile":357},"2025-12-20",0.85346,{"date":359,"score":226,"percentile":351},"2025-12-21",{"date":361,"score":226,"percentile":362},"2025-12-22",0.85347,{"date":364,"score":226,"percentile":365},"2025-12-23",0.85353,{"date":367,"score":226,"percentile":368},"2025-12-24",0.85358,{"date":370,"score":226,"percentile":304},"2025-12-25",{"date":372,"score":226,"percentile":373},"2025-12-26",0.85376,{"date":375,"score":376,"percentile":377},"2025-12-27",0.01817,0.82448,{"date":379,"score":226,"percentile":380},"2025-12-28",0.85367,{"date":382,"score":226,"percentile":383},"2025-12-29",0.85365,{"date":385,"score":226,"percentile":386},"2025-12-30",0.85372,{"date":388,"score":226,"percentile":389},"2025-12-31",0.85381,{"date":391,"score":226,"percentile":392},"2026-01-01",0.8544,{"date":394,"score":226,"percentile":392},"2026-01-02",{"date":396,"score":226,"percentile":397},"2026-01-03",0.85439,{"date":399,"score":226,"percentile":307},"2026-01-04",{"date":401,"score":226,"percentile":402},"2026-01-05",0.85371,{"date":404,"score":226,"percentile":405},"2026-01-06",0.85375,{"date":407,"score":226,"percentile":307},"2026-01-07",{"date":409,"score":226,"percentile":410},"2026-01-08",0.85386,{"date":412,"score":226,"percentile":413},"2026-01-09",0.85388,{"date":415,"score":226,"percentile":416},"2026-01-10",0.85384,{"date":418,"score":226,"percentile":419},"2026-01-11",0.85379,{"date":421,"score":226,"percentile":386},"2026-01-12",{"date":423,"score":226,"percentile":424},"2026-01-13",0.85366,{"date":426,"score":226,"percentile":416},"2026-01-14",{"date":428,"score":226,"percentile":429},"2026-01-15",0.85383,{"date":431,"score":226,"percentile":432},"2026-01-16",0.85389,{"date":434,"score":226,"percentile":435},"2026-01-17",0.85395,{"date":437,"score":226,"percentile":438},"2026-01-18",0.85391,{"date":440,"score":226,"percentile":413},"2026-01-19",{"date":442,"score":226,"percentile":438},"2026-01-20",{"date":444,"score":226,"percentile":445},"2026-01-21",0.85397,{"date":447,"score":226,"percentile":448},"2026-01-22",0.85401,{"date":450,"score":226,"percentile":451},"2026-01-23",0.85412,{"date":453,"score":226,"percentile":454},"2026-01-24",0.85422,{"date":456,"score":226,"percentile":457},"2026-01-25",0.85419,{"date":459,"score":226,"percentile":460},"2026-01-26",0.85417,{"date":462,"score":226,"percentile":454},"2026-01-27",{"date":464,"score":226,"percentile":465},"2026-01-28",0.85427,{"date":467,"score":226,"percentile":468},"2026-01-29",0.85429,{"date":470,"score":226,"percentile":471},"2026-01-30",0.85431,{"date":473,"score":226,"percentile":474},"2026-01-31",0.8543,{"date":476,"score":226,"percentile":477},"2026-02-01",0.85493,[479],{"source":121,"cvss_v2_0":480,"cvss_v3_0":485,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":481,"baseSeverity":9,"vectorString":482,"impactScore":483,"exploitabilityScore":484},6.8,"AV:N/AC:M/Au:N/C:P/I:P/A:P",6.4,8.6,{"baseScore":119,"baseSeverity":486,"vectorString":122,"impactScore":487,"exploitabilityScore":488},"HIGH",9.8,7.2,[490,505,514,531,545,558,567,573,579,586,591],{"ecosystem":9,"name":491,"vendor":492,"product":493,"cpe_part":494,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":495},"ubuntu linux","canonical","ubuntu_linux","o",[496,499,501,503],{"version":497,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":500,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":502,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"17.10",{"version":504,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"ecosystem":9,"name":506,"vendor":507,"product":508,"cpe_part":494,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":509},"debian linux","debian","debian_linux",[510,512],{"version":511,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":513,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":515,"vendor":9,"product":515,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":516},"Firefox",[517,522,527],{"version":518,"is_range":519,"range_type":498,"version_start":9,"version_start_type":9,"version_end":520,"version_end_type":521,"fixed_in":9},"lt61.0",true,"61.0","excluding",{"version":523,"is_range":519,"range_type":498,"version_start":524,"version_start_type":525,"version_end":526,"version_end_type":521,"fixed_in":9},"gte53.0_lt60.1.0","53.0","including","60.1.0",{"version":528,"is_range":519,"range_type":127,"version_start":529,"version_start_type":525,"version_end":530,"version_end_type":521,"fixed_in":9},">= unspecified, \u003C 61","unspecified","61",{"ecosystem":9,"name":532,"vendor":533,"product":534,"cpe_part":535,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":536},"firefox esr","mozilla","firefox_esr","a",[537,540,543],{"version":538,"is_range":519,"range_type":498,"version_start":9,"version_start_type":9,"version_end":539,"version_end_type":521,"fixed_in":9},"lt52.9","52.9",{"version":541,"is_range":519,"range_type":127,"version_start":529,"version_start_type":525,"version_end":542,"version_end_type":521,"fixed_in":9},">= unspecified, \u003C 60.1","60.1",{"version":544,"is_range":519,"range_type":127,"version_start":529,"version_start_type":525,"version_end":539,"version_end_type":521,"fixed_in":9},">= unspecified, \u003C 52.9",{"ecosystem":9,"name":546,"vendor":533,"product":547,"cpe_part":535,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":548},"Thunderbird","thunderbird",[549,550,554,557],{"version":538,"is_range":519,"range_type":498,"version_start":9,"version_start_type":9,"version_end":539,"version_end_type":521,"fixed_in":9},{"version":551,"is_range":519,"range_type":498,"version_start":552,"version_start_type":525,"version_end":553,"version_end_type":521,"fixed_in":9},"gte52.9.1_lt60.0","52.9.1","60.0",{"version":555,"is_range":519,"range_type":127,"version_start":529,"version_start_type":525,"version_end":556,"version_end_type":521,"fixed_in":9},">= unspecified, \u003C 60","60",{"version":544,"is_range":519,"range_type":127,"version_start":529,"version_start_type":525,"version_end":539,"version_end_type":521,"fixed_in":9},{"ecosystem":9,"name":559,"vendor":560,"product":561,"cpe_part":494,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":562},"enterprise linux desktop","redhat","enterprise_linux_desktop",[563,565],{"version":564,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":566,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":568,"vendor":560,"product":569,"cpe_part":494,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":570},"enterprise linux server","enterprise_linux_server",[571,572],{"version":564,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":566,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":574,"vendor":560,"product":575,"cpe_part":494,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":576},"enterprise linux server aus","enterprise_linux_server_aus",[577],{"version":578,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.6",{"ecosystem":9,"name":580,"vendor":560,"product":581,"cpe_part":494,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":582},"enterprise linux server eus","enterprise_linux_server_eus",[583,585],{"version":584,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.5",{"version":578,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":587,"vendor":560,"product":588,"cpe_part":494,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":589},"enterprise linux server tus","enterprise_linux_server_tus",[590],{"version":578,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":592,"vendor":560,"product":593,"cpe_part":494,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":594},"enterprise linux workstation","enterprise_linux_workstation",[595,596],{"version":564,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":566,"is_range":115,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]