[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-18500":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":70,"related":71,"reserved_at":9,"published_at":83,"modified_at":84,"state":85,"summary":86,"references_raw":95,"kevs":177,"epss":178,"epss_history":181,"metrics":414,"affected":423},"CVE-2018-18500","A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird \u003C 60.5, Firefox ESR \u003C 60.5, and Firefox \u003C 65.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68],{"_key":25},"OPENSUSE-SU-2019:0249-1",{"_key":27},"RHSA-2019:0218",{"_key":29},"RHSA-2019:0219",{"_key":31},"OPENSUSE-SU-2024:10601-1",{"_key":33},"SUSE-SU-2019:0273-1",{"_key":35},"SUSE-SU-2019:0336-1",{"_key":37},"SUSE-SU-2019:0336-2",{"_key":39},"SUSE-SU-2019:0338-1",{"_key":41},"OPENSUSE-SU-2019:1758-1",{"_key":43},"OPENSUSE-SU-2024:10600-1",{"_key":45},"OPENSUSE-SU-2024:14572-1",{"_key":47},"DLA-1648-1",{"_key":49},"DLA-1678-1",{"_key":51},"DSA-4376-1",{"_key":53},"DSA-4392-1",{"_key":55},"MGASA-2019-0060",{"_key":57},"MGASA-2019-0069",{"_key":59},"UBUNTU-CVE-2018-18500",{"_key":61},"USN-3874-1",{"_key":63},"USN-3897-1",{"_key":65},"DEBIAN-CVE-2018-18500",{"_key":67},"RHSA-2019:0269",{"_key":69},"RHSA-2019:0270",[],[72,73,74,75,76,77,78,79,80,81,82],{"_key":25},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":55},{"_key":57},"2019-02-05T21:00:00.000Z","2024-08-05T11:08:21.883Z","Modified",{"cisa_kev":87,"cisa_ransomware":87,"cisa_vendor":9,"epss_severity":88,"epss_score":89,"severity":90,"severity_score":91,"severity_version":92,"severity_source":93,"severity_vector":94,"severity_status":85},false,"high",0.35406,"critical",9.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[96,104,109,114,120,125,129,133,137,141,146,152,156,160,164,168,172],{"url":97,"sources":98,"tags":100},"https://access.redhat.com/errata/RHSA-2019:0219",[99,93],"cve.org",[101,102,103],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory",{"url":105,"sources":106,"tags":107},"https://www.mozilla.org/security/advisories/mfsa2019-01/",[99,93],[108,101],"X Refsource CONFIRM",{"url":110,"sources":111,"tags":112},"https://usn.ubuntu.com/3897-1/",[99,93],[101,113,103],"X Refsource UBUNTU",{"url":115,"sources":116,"tags":117},"http://www.securityfocus.com/bid/106781",[99,93],[118,119,103],"VDB Entry","X Refsource BID",{"url":121,"sources":122,"tags":123},"https://security.gentoo.org/glsa/201903-04",[99,93],[101,124,103],"X Refsource GENTOO",{"url":126,"sources":127,"tags":128},"https://usn.ubuntu.com/3874-1/",[99,93],[101,113,103],{"url":130,"sources":131,"tags":132},"https://access.redhat.com/errata/RHSA-2019:0269",[99,93],[101,102,103],{"url":134,"sources":135,"tags":136},"https://access.redhat.com/errata/RHSA-2019:0218",[99,93],[101,102,103],{"url":138,"sources":139,"tags":140},"https://www.mozilla.org/security/advisories/mfsa2019-02/",[99,93],[108,101],{"url":142,"sources":143,"tags":144},"https://www.debian.org/security/2019/dsa-4376",[99,93],[101,145,103],"X Refsource DEBIAN",{"url":147,"sources":148,"tags":149},"https://lists.debian.org/debian-lts-announce/2019/02/msg00024.html",[99,93],[150,151,103],"Mailing List","X Refsource MLIST",{"url":153,"sources":154,"tags":155},"https://lists.debian.org/debian-lts-announce/2019/01/msg00025.html",[99,93],[150,151,103],{"url":157,"sources":158,"tags":159},"https://www.mozilla.org/security/advisories/mfsa2019-03/",[99,93],[108,101],{"url":161,"sources":162,"tags":163},"https://www.debian.org/security/2019/dsa-4392",[99,93],[101,145,103],{"url":165,"sources":166,"tags":167},"https://access.redhat.com/errata/RHSA-2019:0270",[99,93],[101,102,103],{"url":169,"sources":170,"tags":171},"https://security.gentoo.org/glsa/201904-07",[99,93],[101,124],{"url":173,"sources":174,"tags":175},"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00021.html",[99,93],[101,176],"X Refsource SUSE",[],{"date":179,"score":89,"percentile":180},"2026-06-05",0.97146,[182,186,189,191,194,197,199,203,205,208,211,214,216,219,221,225,227,230,234,237,239,242,245,248,251,254,256,259,262,264,267,270,273,276,279,281,284,286,288,291,293,296,298,301,304,307,309,312,314,316,318,321,324,327,331,333,335,338,340,343,346,349,351,354,357,359,361,363,365,367,369,371,373,375,377,380,382,385,387,389,391,393,395,398,400,402,404,406,408,411],{"date":183,"score":184,"percentile":185},"2025-11-04",0.30241,0.96458,{"date":187,"score":184,"percentile":188},"2025-11-05",0.96457,{"date":190,"score":184,"percentile":185},"2025-11-06",{"date":192,"score":184,"percentile":193},"2025-11-07",0.9646,{"date":195,"score":184,"percentile":196},"2025-11-08",0.96461,{"date":198,"score":184,"percentile":193},"2025-11-09",{"date":200,"score":201,"percentile":202},"2025-11-10",0.28905,0.96341,{"date":204,"score":201,"percentile":202},"2025-11-11",{"date":206,"score":201,"percentile":207},"2025-11-12",0.96344,{"date":209,"score":201,"percentile":210},"2025-11-13",0.96345,{"date":212,"score":201,"percentile":213},"2025-11-14",0.96347,{"date":215,"score":201,"percentile":213},"2025-11-15",{"date":217,"score":201,"percentile":218},"2025-11-16",0.96346,{"date":220,"score":201,"percentile":213},"2025-11-17",{"date":222,"score":223,"percentile":224},"2025-11-18",0.37434,0.96993,{"date":226,"score":223,"percentile":224},"2025-11-19",{"date":228,"score":223,"percentile":229},"2025-11-20",0.96995,{"date":231,"score":232,"percentile":233},"2025-11-21",0.28539,0.96323,{"date":235,"score":232,"percentile":236},"2025-11-22",0.96324,{"date":238,"score":232,"percentile":236},"2025-11-23",{"date":240,"score":232,"percentile":241},"2025-11-24",0.96327,{"date":243,"score":232,"percentile":244},"2025-11-25",0.96329,{"date":246,"score":232,"percentile":247},"2025-11-26",0.96331,{"date":249,"score":232,"percentile":250},"2025-11-27",0.96332,{"date":252,"score":232,"percentile":253},"2025-11-28",0.9633,{"date":255,"score":232,"percentile":250},"2025-11-29",{"date":257,"score":232,"percentile":258},"2025-11-30",0.96334,{"date":260,"score":232,"percentile":261},"2025-12-01",0.96364,{"date":263,"score":232,"percentile":261},"2025-12-02",{"date":265,"score":232,"percentile":266},"2025-12-03",0.96366,{"date":268,"score":232,"percentile":269},"2025-12-04",0.96336,{"date":271,"score":232,"percentile":272},"2025-12-05",0.96338,{"date":274,"score":232,"percentile":275},"2025-12-06",0.96339,{"date":277,"score":232,"percentile":278},"2025-12-07",0.96337,{"date":280,"score":232,"percentile":278},"2025-12-08",{"date":282,"score":232,"percentile":283},"2025-12-09",0.9634,{"date":285,"score":232,"percentile":207},"2025-12-10",{"date":287,"score":232,"percentile":218},"2025-12-11",{"date":289,"score":232,"percentile":290},"2025-12-12",0.96348,{"date":292,"score":232,"percentile":210},"2025-12-13",{"date":294,"score":232,"percentile":295},"2025-12-14",0.96342,{"date":297,"score":232,"percentile":210},"2025-12-15",{"date":299,"score":232,"percentile":300},"2025-12-16",0.96349,{"date":302,"score":232,"percentile":303},"2025-12-17",0.96352,{"date":305,"score":232,"percentile":306},"2025-12-18",0.96353,{"date":308,"score":232,"percentile":303},"2025-12-19",{"date":310,"score":232,"percentile":311},"2025-12-20",0.96354,{"date":313,"score":232,"percentile":306},"2025-12-21",{"date":315,"score":232,"percentile":311},"2025-12-22",{"date":317,"score":232,"percentile":311},"2025-12-23",{"date":319,"score":232,"percentile":320},"2025-12-24",0.96357,{"date":322,"score":232,"percentile":323},"2025-12-25",0.96362,{"date":325,"score":232,"percentile":326},"2025-12-26",0.9636,{"date":328,"score":329,"percentile":330},"2025-12-27",0.27142,0.96238,{"date":332,"score":232,"percentile":320},"2025-12-28",{"date":334,"score":232,"percentile":320},"2025-12-29",{"date":336,"score":232,"percentile":337},"2025-12-30",0.96359,{"date":339,"score":232,"percentile":261},"2025-12-31",{"date":341,"score":232,"percentile":342},"2026-01-01",0.96396,{"date":344,"score":232,"percentile":345},"2026-01-02",0.96394,{"date":347,"score":232,"percentile":348},"2026-01-03",0.96393,{"date":350,"score":232,"percentile":323},"2026-01-04",{"date":352,"score":232,"percentile":353},"2026-01-05",0.96361,{"date":355,"score":356,"percentile":250},"2026-01-06",0.28229,{"date":358,"score":356,"percentile":247},"2026-01-07",{"date":360,"score":356,"percentile":258},"2026-01-08",{"date":362,"score":356,"percentile":278},"2026-01-09",{"date":364,"score":356,"percentile":275},"2026-01-10",{"date":366,"score":356,"percentile":275},"2026-01-11",{"date":368,"score":356,"percentile":283},"2026-01-12",{"date":370,"score":356,"percentile":272},"2026-01-13",{"date":372,"score":356,"percentile":210},"2026-01-14",{"date":374,"score":356,"percentile":218},"2026-01-15",{"date":376,"score":356,"percentile":300},"2026-01-16",{"date":378,"score":356,"percentile":379},"2026-01-17",0.9635,{"date":381,"score":356,"percentile":303},"2026-01-18",{"date":383,"score":356,"percentile":384},"2026-01-19",0.96351,{"date":386,"score":356,"percentile":303},"2026-01-20",{"date":388,"score":356,"percentile":306},"2026-01-21",{"date":390,"score":356,"percentile":311},"2026-01-22",{"date":392,"score":356,"percentile":337},"2026-01-23",{"date":394,"score":356,"percentile":353},"2026-01-24",{"date":396,"score":356,"percentile":397},"2026-01-25",0.96363,{"date":399,"score":356,"percentile":397},"2026-01-26",{"date":401,"score":356,"percentile":323},"2026-01-27",{"date":403,"score":356,"percentile":261},"2026-01-28",{"date":405,"score":356,"percentile":261},"2026-01-29",{"date":407,"score":356,"percentile":261},"2026-01-30",{"date":409,"score":356,"percentile":410},"2026-01-31",0.96365,{"date":412,"score":356,"percentile":413},"2026-02-01",0.96395,[415],{"source":93,"cvss_v2_0":416,"cvss_v3_0":421,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":417,"baseSeverity":9,"vectorString":418,"impactScore":419,"exploitabilityScore":420},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":91,"baseSeverity":422,"vectorString":94,"impactScore":91,"exploitabilityScore":420},"CRITICAL",[424,439,448,456,465,470,479,485,491,496,501],{"ecosystem":9,"name":425,"vendor":426,"product":427,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":429},"ubuntu linux","canonical","ubuntu_linux","o",[430,433,435,437],{"version":431,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":434,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"16.04",{"version":436,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"version":438,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":440,"vendor":441,"product":442,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":443},"debian linux","debian","debian_linux",[444,446],{"version":445,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":447,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":449,"vendor":9,"product":449,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":450},"Firefox",[451],{"version":452,"is_range":453,"range_type":432,"version_start":9,"version_start_type":9,"version_end":454,"version_end_type":455,"fixed_in":9},"lt65.0",true,"65.0","excluding",{"ecosystem":9,"name":457,"vendor":458,"product":459,"cpe_part":460,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":461},"firefox esr","mozilla","firefox_esr","a",[462],{"version":463,"is_range":453,"range_type":432,"version_start":9,"version_start_type":9,"version_end":464,"version_end_type":455,"fixed_in":9},"lt60.5","60.5",{"ecosystem":9,"name":466,"vendor":458,"product":467,"cpe_part":460,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":468},"Thunderbird","thunderbird",[469],{"version":463,"is_range":453,"range_type":432,"version_start":9,"version_start_type":9,"version_end":464,"version_end_type":455,"fixed_in":9},{"ecosystem":9,"name":471,"vendor":472,"product":473,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":474},"enterprise linux desktop","redhat","enterprise_linux_desktop",[475,477],{"version":476,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":478,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":480,"vendor":472,"product":481,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":482},"enterprise linux server","enterprise_linux_server",[483,484],{"version":476,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":478,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":486,"vendor":472,"product":487,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":488},"enterprise linux server aus","enterprise_linux_server_aus",[489],{"version":490,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.6",{"ecosystem":9,"name":492,"vendor":472,"product":493,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":494},"enterprise linux server eus","enterprise_linux_server_eus",[495],{"version":490,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":497,"vendor":472,"product":498,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":499},"enterprise linux server tus","enterprise_linux_server_tus",[500],{"version":490,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":502,"vendor":472,"product":503,"cpe_part":428,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":504},"enterprise linux workstation","enterprise_linux_workstation",[505,506],{"version":476,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":478,"is_range":87,"range_type":432,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]