[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-12389":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T14:55:36.164Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":112,"related":113,"reserved_at":9,"published_at":123,"modified_at":124,"state":125,"summary":126,"references_raw":135,"kevs":219,"epss":220,"epss_history":223,"metrics":470,"affected":481},"CVE-2018-12389","Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003C 60.3 and Thunderbird \u003C 60.3.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110],{"_key":73},"SUSE-SU-2018:3749-2",{"_key":75},"RHSA-2018:3005",{"_key":77},"RHSA-2018:3006",{"_key":79},"RHSA-2018:3531",{"_key":81},"RHSA-2018:3532",{"_key":83},"OPENSUSE-SU-2024:10601-1",{"_key":85},"SUSE-SU-2018:3656-1",{"_key":87},"SUSE-SU-2018:3749-1",{"_key":89},"SUSE-SU-2018:3749-3",{"_key":91},"SUSE-SU-2018:3769-1",{"_key":93},"OPENSUSE-SU-2018:3687-1",{"_key":95},"DLA-1571-1",{"_key":97},"DLA-1575-1",{"_key":99},"DSA-4324-1",{"_key":101},"DSA-4337-1",{"_key":103},"MGASA-2018-0420",{"_key":105},"MGASA-2018-0480",{"_key":107},"UBUNTU-CVE-2018-12389",{"_key":109},"USN-3868-1",{"_key":111},"DEBIAN-CVE-2018-12389",[],[114,115,116,117,118,119,120,121,122],{"_key":73},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},{"_key":103},{"_key":105},"2019-02-28T18:00:00.000Z","2024-08-05T08:31:00.289Z","Modified",{"cisa_kev":127,"cisa_ransomware":127,"cisa_vendor":9,"epss_severity":128,"epss_score":129,"severity":130,"severity_score":131,"severity_version":132,"severity_source":133,"severity_vector":134,"severity_status":125},false,"low",0.01126,"high",8.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",[136,144,150,155,161,166,170,174,178,183,187,192,196,202,206,210,214],{"url":137,"sources":138,"tags":140},"http://www.securityfocus.com/bid/105769",[139,133],"cve.org",[141,142,143],"VDB Entry","X Refsource BID","Third Party Advisory",{"url":145,"sources":146,"tags":147},"https://www.debian.org/security/2018/dsa-4324",[139,133],[148,149,143],"Vendor Advisory","X Refsource DEBIAN",{"url":151,"sources":152,"tags":153},"https://www.mozilla.org/security/advisories/mfsa2018-28/",[139,133],[154,148],"X Refsource CONFIRM",{"url":156,"sources":157,"tags":158},"https://lists.debian.org/debian-lts-announce/2018/11/msg00011.html",[139,133],[159,160,143],"Mailing List","X Refsource MLIST",{"url":162,"sources":163,"tags":164},"https://security.gentoo.org/glsa/201811-04",[139,133],[148,165,143],"X Refsource GENTOO",{"url":167,"sources":168,"tags":169},"https://security.gentoo.org/glsa/201811-13",[139,133],[148,165,143],{"url":171,"sources":172,"tags":173},"https://www.debian.org/security/2018/dsa-4337",[139,133],[148,149,143],{"url":175,"sources":176,"tags":177},"https://www.mozilla.org/security/advisories/mfsa2018-27/",[139,133],[154,148],{"url":179,"sources":180,"tags":181},"https://access.redhat.com/errata/RHSA-2018:3005",[139,133],[148,182,143],"X Refsource REDHAT",{"url":184,"sources":185,"tags":186},"https://access.redhat.com/errata/RHSA-2018:3006",[139,133],[148,182,143],{"url":188,"sources":189,"tags":190},"https://usn.ubuntu.com/3868-1/",[139,133],[148,191,143],"X Refsource UBUNTU",{"url":193,"sources":194,"tags":195},"https://access.redhat.com/errata/RHSA-2018:3532",[139,133],[148,182,143],{"url":197,"sources":198,"tags":199},"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1498460%2C1499198",[139,133],[154,200,201,148],"Broken Link","Issue Tracking",{"url":203,"sources":204,"tags":205},"http://www.securityfocus.com/bid/105723",[139,133],[141,142,143],{"url":207,"sources":208,"tags":209},"https://access.redhat.com/errata/RHSA-2018:3531",[139,133],[148,182,143],{"url":211,"sources":212,"tags":213},"https://lists.debian.org/debian-lts-announce/2018/11/msg00008.html",[139,133],[159,160,143],{"url":215,"sources":216,"tags":217},"http://www.securitytracker.com/id/1041944",[139,133],[141,218,143],"X Refsource SECTRACK",[],{"date":221,"score":129,"percentile":222},"2026-06-06",0.78661,[224,228,231,234,237,240,243,246,248,251,254,257,259,261,264,267,269,272,275,278,281,284,287,289,291,294,296,298,301,304,307,309,312,315,317,320,323,326,329,332,335,339,342,345,348,351,354,357,360,363,366,369,371,374,378,381,384,387,389,391,394,397,400,403,406,408,410,412,414,417,420,422,425,427,430,433,435,438,440,442,445,448,450,452,454,456,458,462,465,468],{"date":225,"score":226,"percentile":227},"2025-11-04",0.01829,0.82299,{"date":229,"score":226,"percentile":230},"2025-11-05",0.82302,{"date":232,"score":226,"percentile":233},"2025-11-06",0.82305,{"date":235,"score":226,"percentile":236},"2025-11-07",0.82315,{"date":238,"score":226,"percentile":239},"2025-11-08",0.82322,{"date":241,"score":226,"percentile":242},"2025-11-09",0.82318,{"date":244,"score":226,"percentile":245},"2025-11-10",0.8231,{"date":247,"score":226,"percentile":242},"2025-11-11",{"date":249,"score":226,"percentile":250},"2025-11-12",0.82328,{"date":252,"score":226,"percentile":253},"2025-11-13",0.82332,{"date":255,"score":226,"percentile":256},"2025-11-14",0.82335,{"date":258,"score":226,"percentile":250},"2025-11-15",{"date":260,"score":226,"percentile":253},"2025-11-16",{"date":262,"score":226,"percentile":263},"2025-11-17",0.8233,{"date":265,"score":226,"percentile":266},"2025-11-18",0.81422,{"date":268,"score":226,"percentile":266},"2025-11-19",{"date":270,"score":226,"percentile":271},"2025-11-20",0.81427,{"date":273,"score":226,"percentile":274},"2025-11-21",0.82343,{"date":276,"score":226,"percentile":277},"2025-11-22",0.82345,{"date":279,"score":226,"percentile":280},"2025-11-23",0.82337,{"date":282,"score":226,"percentile":283},"2025-11-24",0.82336,{"date":285,"score":226,"percentile":286},"2025-11-25",0.82333,{"date":288,"score":226,"percentile":256},"2025-11-26",{"date":290,"score":226,"percentile":283},"2025-11-27",{"date":292,"score":226,"percentile":293},"2025-11-28",0.82325,{"date":295,"score":226,"percentile":263},"2025-11-29",{"date":297,"score":226,"percentile":283},"2025-11-30",{"date":299,"score":226,"percentile":300},"2025-12-01",0.82408,{"date":302,"score":226,"percentile":303},"2025-12-02",0.8241,{"date":305,"score":226,"percentile":306},"2025-12-03",0.82409,{"date":308,"score":226,"percentile":286},"2025-12-04",{"date":310,"score":226,"percentile":311},"2025-12-05",0.82341,{"date":313,"score":226,"percentile":314},"2025-12-06",0.82338,{"date":316,"score":226,"percentile":283},"2025-12-07",{"date":318,"score":226,"percentile":319},"2025-12-08",0.8234,{"date":321,"score":226,"percentile":322},"2025-12-09",0.82355,{"date":324,"score":226,"percentile":325},"2025-12-10",0.8238,{"date":327,"score":226,"percentile":328},"2025-12-11",0.82396,{"date":330,"score":226,"percentile":331},"2025-12-12",0.82405,{"date":333,"score":226,"percentile":334},"2025-12-13",0.82404,{"date":336,"score":337,"percentile":338},"2025-12-14",0.01795,0.82256,{"date":340,"score":337,"percentile":341},"2025-12-15",0.82253,{"date":343,"score":337,"percentile":344},"2025-12-16",0.82264,{"date":346,"score":337,"percentile":347},"2025-12-17",0.8227,{"date":349,"score":337,"percentile":350},"2025-12-18",0.82281,{"date":352,"score":337,"percentile":353},"2025-12-19",0.82285,{"date":355,"score":337,"percentile":356},"2025-12-20",0.8228,{"date":358,"score":337,"percentile":359},"2025-12-21",0.82278,{"date":361,"score":337,"percentile":362},"2025-12-22",0.82282,{"date":364,"score":337,"percentile":365},"2025-12-23",0.82286,{"date":367,"score":337,"percentile":368},"2025-12-24",0.82295,{"date":370,"score":337,"percentile":245},"2025-12-25",{"date":372,"score":337,"percentile":373},"2025-12-26",0.82311,{"date":375,"score":376,"percentile":377},"2025-12-27",0.01122,0.77802,{"date":379,"score":337,"percentile":380},"2025-12-28",0.82296,{"date":382,"score":337,"percentile":383},"2025-12-29",0.8229,{"date":385,"score":337,"percentile":386},"2025-12-30",0.82298,{"date":388,"score":337,"percentile":373},"2025-12-31",{"date":390,"score":337,"percentile":325},"2026-01-01",{"date":392,"score":337,"percentile":393},"2026-01-02",0.82376,{"date":395,"score":337,"percentile":396},"2026-01-03",0.8237,{"date":398,"score":337,"percentile":399},"2026-01-04",0.82289,{"date":401,"score":337,"percentile":402},"2026-01-05",0.82283,{"date":404,"score":337,"percentile":405},"2026-01-06",0.82288,{"date":407,"score":337,"percentile":399},"2026-01-07",{"date":409,"score":337,"percentile":368},"2026-01-08",{"date":411,"score":337,"percentile":368},"2026-01-09",{"date":413,"score":337,"percentile":368},"2026-01-10",{"date":415,"score":337,"percentile":416},"2026-01-11",0.82292,{"date":418,"score":337,"percentile":419},"2026-01-12",0.82284,{"date":421,"score":337,"percentile":362},"2026-01-13",{"date":423,"score":337,"percentile":424},"2026-01-14",0.82301,{"date":426,"score":337,"percentile":227},"2026-01-15",{"date":428,"score":337,"percentile":429},"2026-01-16",0.82309,{"date":431,"score":337,"percentile":432},"2026-01-17",0.82312,{"date":434,"score":337,"percentile":245},"2026-01-18",{"date":436,"score":337,"percentile":437},"2026-01-19",0.82306,{"date":439,"score":337,"percentile":233},"2026-01-20",{"date":441,"score":337,"percentile":373},"2026-01-21",{"date":443,"score":337,"percentile":444},"2026-01-22",0.82319,{"date":446,"score":337,"percentile":447},"2026-01-23",0.82339,{"date":449,"score":337,"percentile":277},"2026-01-24",{"date":451,"score":337,"percentile":314},"2026-01-25",{"date":453,"score":337,"percentile":256},"2026-01-26",{"date":455,"score":337,"percentile":286},"2026-01-27",{"date":457,"score":337,"percentile":280},"2026-01-28",{"date":459,"score":460,"percentile":461},"2026-01-29",0.01766,0.82214,{"date":463,"score":460,"percentile":464},"2026-01-30",0.8222,{"date":466,"score":460,"percentile":467},"2026-01-31",0.82225,{"date":469,"score":460,"percentile":230},"2026-02-01",[471],{"source":133,"cvss_v2_0":472,"cvss_v3_0":477,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":473,"baseSeverity":9,"vectorString":474,"impactScore":475,"exploitabilityScore":476},6.8,"AV:N/AC:M/Au:N/C:P/I:P/A:P",6.4,8.6,{"baseScore":131,"baseSeverity":478,"vectorString":134,"impactScore":479,"exploitabilityScore":480},"HIGH",9.8,7.2,[482,497,506,514,525,531,540,546,552,559,564],{"ecosystem":9,"name":483,"vendor":484,"product":485,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":487},"ubuntu linux","canonical","ubuntu_linux","o",[488,491,493,495],{"version":489,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":492,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":494,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":496,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":498,"vendor":499,"product":500,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":501},"debian linux","debian","debian_linux",[502,504],{"version":503,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":505,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":507,"vendor":9,"product":507,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":508},"Firefox",[509],{"version":510,"is_range":511,"range_type":490,"version_start":9,"version_start_type":9,"version_end":512,"version_end_type":513,"fixed_in":9},"lt60.3.0",true,"60.3.0","excluding",{"ecosystem":9,"name":515,"vendor":516,"product":517,"cpe_part":518,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":519},"firefox esr","mozilla","firefox_esr","a",[520],{"version":521,"is_range":511,"range_type":139,"version_start":522,"version_start_type":523,"version_end":524,"version_end_type":513,"fixed_in":9},">= unspecified, \u003C 60.3","unspecified","including","60.3",{"ecosystem":9,"name":526,"vendor":516,"product":527,"cpe_part":518,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":528},"Thunderbird","thunderbird",[529,530],{"version":510,"is_range":511,"range_type":490,"version_start":9,"version_start_type":9,"version_end":512,"version_end_type":513,"fixed_in":9},{"version":521,"is_range":511,"range_type":139,"version_start":522,"version_start_type":523,"version_end":524,"version_end_type":513,"fixed_in":9},{"ecosystem":9,"name":532,"vendor":533,"product":534,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":535},"enterprise linux desktop","redhat","enterprise_linux_desktop",[536,538],{"version":537,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":539,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":541,"vendor":533,"product":542,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":543},"enterprise linux server","enterprise_linux_server",[544,545],{"version":537,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":539,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":547,"vendor":533,"product":548,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":549},"enterprise linux server aus","enterprise_linux_server_aus",[550],{"version":551,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.6",{"ecosystem":9,"name":553,"vendor":533,"product":554,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":555},"enterprise linux server eus","enterprise_linux_server_eus",[556,558],{"version":557,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.5",{"version":551,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":560,"vendor":533,"product":561,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":562},"enterprise linux server tus","enterprise_linux_server_tus",[563],{"version":551,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":565,"vendor":533,"product":566,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":567},"enterprise linux workstation","enterprise_linux_workstation",[568,569],{"version":537,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":539,"is_range":127,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]