[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-12405":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":114,"related":115,"reserved_at":9,"published_at":125,"modified_at":126,"state":127,"summary":128,"references_raw":137,"kevs":212,"epss":213,"epss_history":216,"metrics":465,"affected":474},"CVE-2018-12405","Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003C 60.4, Firefox ESR \u003C 60.4, and Firefox \u003C 64.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112],{"_key":73},"OPENSUSE-SU-2019:0249-1",{"_key":75},"RHSA-2018:3831",{"_key":77},"RHSA-2018:3833",{"_key":79},"RHSA-2019:0159",{"_key":81},"RHSA-2019:0160",{"_key":83},"OPENSUSE-SU-2024:10601-1",{"_key":85},"SUSE-SU-2018:4235-1",{"_key":87},"SUSE-SU-2018:4236-1",{"_key":89},"SUSE-SU-2018:4236-2",{"_key":91},"SUSE-SU-2019:0338-1",{"_key":93},"OPENSUSE-SU-2024:10600-1",{"_key":95},"OPENSUSE-SU-2024:14572-1",{"_key":97},"DLA-1605-1",{"_key":99},"DLA-1624-1",{"_key":101},"DSA-4354-1",{"_key":103},"DSA-4362-1",{"_key":105},"MGASA-2018-0483",{"_key":107},"UBUNTU-CVE-2018-12405",{"_key":109},"USN-3844-1",{"_key":111},"USN-3868-1",{"_key":113},"DEBIAN-CVE-2018-12405",[],[116,117,118,119,120,121,122,123,124],{"_key":73},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},{"_key":95},{"_key":105},"2019-02-28T18:00:00.000Z","2024-08-05T08:38:04.965Z","Modified",{"cisa_kev":129,"cisa_ransomware":129,"cisa_vendor":9,"epss_severity":130,"epss_score":131,"severity":132,"severity_score":133,"severity_version":134,"severity_source":135,"severity_vector":136,"severity_status":127},false,"low",0.05486,"critical",9.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[138,145,152,157,161,166,171,177,182,188,192,196,200,204,208],{"url":139,"sources":140,"tags":142},"https://www.mozilla.org/security/advisories/mfsa2018-29/",[141,135],"cve.org",[143,144],"X Refsource CONFIRM","Vendor Advisory",{"url":146,"sources":147,"tags":148},"https://lists.debian.org/debian-lts-announce/2018/12/msg00002.html",[141,135],[149,150,151],"Mailing List","X Refsource MLIST","Third Party Advisory",{"url":153,"sources":154,"tags":155},"https://access.redhat.com/errata/RHSA-2018:3833",[141,135],[144,156,151],"X Refsource REDHAT",{"url":158,"sources":159,"tags":160},"https://access.redhat.com/errata/RHSA-2018:3831",[141,135],[144,156,151],{"url":162,"sources":163,"tags":164},"https://www.debian.org/security/2019/dsa-4362",[141,135],[144,165,151],"X Refsource DEBIAN",{"url":167,"sources":168,"tags":169},"https://security.gentoo.org/glsa/201903-04",[141,135],[144,170,151],"X Refsource GENTOO",{"url":172,"sources":173,"tags":174},"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1494752%2C1498765%2C1503326%2C1505181%2C1500759%2C1504365%2C1506640%2C1503082%2C1502013%2C1510471",[141,135],[143,175,176,144],"Broken Link","Issue Tracking",{"url":178,"sources":179,"tags":180},"https://usn.ubuntu.com/3844-1/",[141,135],[144,181,151],"X Refsource UBUNTU",{"url":183,"sources":184,"tags":185},"http://www.securityfocus.com/bid/106168",[141,135],[186,187,151],"VDB Entry","X Refsource BID",{"url":189,"sources":190,"tags":191},"https://access.redhat.com/errata/RHSA-2019:0159",[141,135],[144,156,151],{"url":193,"sources":194,"tags":195},"https://www.mozilla.org/security/advisories/mfsa2018-31/",[141,135],[143,144],{"url":197,"sources":198,"tags":199},"https://www.mozilla.org/security/advisories/mfsa2018-30/",[141,135],[143,144],{"url":201,"sources":202,"tags":203},"https://www.debian.org/security/2018/dsa-4354",[141,135],[144,165,151],{"url":205,"sources":206,"tags":207},"https://usn.ubuntu.com/3868-1/",[141,135],[144,181,151],{"url":209,"sources":210,"tags":211},"https://access.redhat.com/errata/RHSA-2019:0160",[141,135],[144,156,151],[],{"date":214,"score":131,"percentile":215},"2026-06-05",0.9039,[217,221,224,227,230,233,235,239,242,246,249,252,255,257,259,262,265,268,271,274,277,280,283,286,288,291,294,297,300,303,306,309,312,315,318,321,324,327,330,333,336,340,343,346,349,352,354,357,359,361,364,366,368,371,375,378,381,384,386,389,392,395,397,399,401,403,405,408,411,413,415,417,420,422,424,427,430,432,435,438,441,443,445,447,450,452,455,458,460,462],{"date":218,"score":219,"percentile":220},"2025-11-04",0.05062,0.89279,{"date":222,"score":219,"percentile":223},"2025-11-05",0.89276,{"date":225,"score":219,"percentile":226},"2025-11-06",0.8927,{"date":228,"score":219,"percentile":229},"2025-11-07",0.89278,{"date":231,"score":219,"percentile":232},"2025-11-08",0.8928,{"date":234,"score":219,"percentile":229},"2025-11-09",{"date":236,"score":237,"percentile":238},"2025-11-10",0.04794,0.88975,{"date":240,"score":237,"percentile":241},"2025-11-11",0.88977,{"date":243,"score":244,"percentile":245},"2025-11-12",0.10616,0.92963,{"date":247,"score":244,"percentile":248},"2025-11-13",0.92967,{"date":250,"score":244,"percentile":251},"2025-11-14",0.92969,{"date":253,"score":244,"percentile":254},"2025-11-15",0.92964,{"date":256,"score":244,"percentile":251},"2025-11-16",{"date":258,"score":244,"percentile":248},"2025-11-17",{"date":260,"score":244,"percentile":261},"2025-11-18",0.92532,{"date":263,"score":244,"percentile":264},"2025-11-19",0.92535,{"date":266,"score":244,"percentile":267},"2025-11-20",0.92539,{"date":269,"score":244,"percentile":270},"2025-11-21",0.92984,{"date":272,"score":244,"percentile":273},"2025-11-22",0.92983,{"date":275,"score":244,"percentile":276},"2025-11-23",0.92986,{"date":278,"score":244,"percentile":279},"2025-11-24",0.92987,{"date":281,"score":244,"percentile":282},"2025-11-25",0.92989,{"date":284,"score":244,"percentile":285},"2025-11-26",0.92988,{"date":287,"score":244,"percentile":285},"2025-11-27",{"date":289,"score":244,"percentile":290},"2025-11-28",0.92982,{"date":292,"score":244,"percentile":293},"2025-11-29",0.92996,{"date":295,"score":244,"percentile":296},"2025-11-30",0.92997,{"date":298,"score":244,"percentile":299},"2025-12-01",0.93045,{"date":301,"score":244,"percentile":302},"2025-12-02",0.93051,{"date":304,"score":244,"percentile":305},"2025-12-03",0.93054,{"date":307,"score":244,"percentile":308},"2025-12-04",0.93006,{"date":310,"score":244,"percentile":311},"2025-12-05",0.9301,{"date":313,"score":244,"percentile":314},"2025-12-06",0.93011,{"date":316,"score":244,"percentile":317},"2025-12-07",0.93009,{"date":319,"score":244,"percentile":320},"2025-12-08",0.93014,{"date":322,"score":244,"percentile":323},"2025-12-09",0.93017,{"date":325,"score":244,"percentile":326},"2025-12-10",0.93023,{"date":328,"score":244,"percentile":329},"2025-12-11",0.93026,{"date":331,"score":244,"percentile":332},"2025-12-12",0.9303,{"date":334,"score":244,"percentile":335},"2025-12-13",0.93021,{"date":337,"score":338,"percentile":339},"2025-12-14",0.10439,0.92959,{"date":341,"score":338,"percentile":342},"2025-12-15",0.92962,{"date":344,"score":338,"percentile":345},"2025-12-16",0.92972,{"date":347,"score":338,"percentile":348},"2025-12-17",0.92978,{"date":350,"score":338,"percentile":351},"2025-12-18",0.92981,{"date":353,"score":338,"percentile":351},"2025-12-19",{"date":355,"score":338,"percentile":356},"2025-12-20",0.92977,{"date":358,"score":338,"percentile":356},"2025-12-21",{"date":360,"score":338,"percentile":345},"2025-12-22",{"date":362,"score":338,"percentile":363},"2025-12-23",0.92973,{"date":365,"score":338,"percentile":348},"2025-12-24",{"date":367,"score":338,"percentile":290},"2025-12-25",{"date":369,"score":338,"percentile":370},"2025-12-26",0.9298,{"date":372,"score":373,"percentile":374},"2025-12-27",0.0514,0.89568,{"date":376,"score":338,"percentile":377},"2025-12-28",0.92975,{"date":379,"score":338,"percentile":380},"2025-12-29",0.92974,{"date":382,"score":338,"percentile":383},"2025-12-30",0.92976,{"date":385,"score":338,"percentile":273},"2025-12-31",{"date":387,"score":338,"percentile":388},"2026-01-01",0.93035,{"date":390,"score":338,"percentile":391},"2026-01-02",0.93029,{"date":393,"score":338,"percentile":394},"2026-01-03",0.93028,{"date":396,"score":338,"percentile":276},"2026-01-04",{"date":398,"score":338,"percentile":270},"2026-01-05",{"date":400,"score":338,"percentile":279},"2026-01-06",{"date":402,"score":338,"percentile":276},"2026-01-07",{"date":404,"score":338,"percentile":279},"2026-01-08",{"date":406,"score":338,"percentile":407},"2026-01-09",0.92992,{"date":409,"score":338,"percentile":410},"2026-01-10",0.92999,{"date":412,"score":338,"percentile":296},"2026-01-11",{"date":414,"score":338,"percentile":296},"2026-01-12",{"date":416,"score":338,"percentile":293},"2026-01-13",{"date":418,"score":338,"percentile":419},"2026-01-14",0.93004,{"date":421,"score":338,"percentile":419},"2026-01-15",{"date":423,"score":338,"percentile":317},"2026-01-16",{"date":425,"score":338,"percentile":426},"2026-01-17",0.93012,{"date":428,"score":338,"percentile":429},"2026-01-18",0.93005,{"date":431,"score":338,"percentile":308},"2026-01-19",{"date":433,"score":338,"percentile":434},"2026-01-20",0.93008,{"date":436,"score":338,"percentile":437},"2026-01-21",0.93015,{"date":439,"score":338,"percentile":440},"2026-01-22",0.93018,{"date":442,"score":338,"percentile":326},"2026-01-23",{"date":444,"score":338,"percentile":394},"2026-01-24",{"date":446,"score":338,"percentile":332},"2026-01-25",{"date":448,"score":338,"percentile":449},"2026-01-26",0.93031,{"date":451,"score":338,"percentile":388},"2026-01-27",{"date":453,"score":338,"percentile":454},"2026-01-28",0.93038,{"date":456,"score":457,"percentile":356},"2026-01-29",0.1029,{"date":459,"score":457,"percentile":348},"2026-01-30",{"date":461,"score":457,"percentile":370},"2026-01-31",{"date":463,"score":457,"percentile":464},"2026-02-01",0.93019,[466],{"source":135,"cvss_v2_0":467,"cvss_v3_0":472,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":468,"baseSeverity":9,"vectorString":469,"impactScore":470,"exploitabilityScore":471},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":133,"baseSeverity":473,"vectorString":136,"impactScore":133,"exploitabilityScore":471},"CRITICAL",[475,490,499,515,524,530,539,545,551,556,561],{"ecosystem":9,"name":476,"vendor":477,"product":478,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":480},"ubuntu linux","canonical","ubuntu_linux","o",[481,484,486,488],{"version":482,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":485,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":487,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":489,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":491,"vendor":492,"product":493,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":494},"debian linux","debian","debian_linux",[495,497],{"version":496,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":498,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":500,"vendor":9,"product":500,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":501},"Firefox",[502,507,510],{"version":503,"is_range":504,"range_type":483,"version_start":9,"version_start_type":9,"version_end":505,"version_end_type":506,"fixed_in":9},"lt60.4.0",true,"60.4.0","excluding",{"version":508,"is_range":504,"range_type":483,"version_start":9,"version_start_type":9,"version_end":509,"version_end_type":506,"fixed_in":9},"lt64.0","64.0",{"version":511,"is_range":504,"range_type":141,"version_start":512,"version_start_type":513,"version_end":514,"version_end_type":506,"fixed_in":9},">= unspecified, \u003C 64","unspecified","including","64",{"ecosystem":9,"name":516,"vendor":517,"product":518,"cpe_part":519,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":520},"firefox esr","mozilla","firefox_esr","a",[521],{"version":522,"is_range":504,"range_type":141,"version_start":512,"version_start_type":513,"version_end":523,"version_end_type":506,"fixed_in":9},">= unspecified, \u003C 60.4","60.4",{"ecosystem":9,"name":525,"vendor":517,"product":526,"cpe_part":519,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":527},"Thunderbird","thunderbird",[528,529],{"version":503,"is_range":504,"range_type":483,"version_start":9,"version_start_type":9,"version_end":505,"version_end_type":506,"fixed_in":9},{"version":522,"is_range":504,"range_type":141,"version_start":512,"version_start_type":513,"version_end":523,"version_end_type":506,"fixed_in":9},{"ecosystem":9,"name":531,"vendor":532,"product":533,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":534},"enterprise linux desktop","redhat","enterprise_linux_desktop",[535,537],{"version":536,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":538,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":540,"vendor":532,"product":541,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":542},"enterprise linux server","enterprise_linux_server",[543,544],{"version":536,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":538,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":546,"vendor":532,"product":547,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":548},"enterprise linux server aus","enterprise_linux_server_aus",[549],{"version":550,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.6",{"ecosystem":9,"name":552,"vendor":532,"product":553,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":554},"enterprise linux server eus","enterprise_linux_server_eus",[555],{"version":550,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":557,"vendor":532,"product":558,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":559},"enterprise linux server tus","enterprise_linux_server_tus",[560],{"version":550,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":562,"vendor":532,"product":563,"cpe_part":479,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":564},"enterprise linux workstation","enterprise_linux_workstation",[565,566],{"version":536,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":538,"is_range":129,"range_type":483,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]