[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2018-0480":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T08:55:34.825Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":66,"duplicates":67,"related":68,"reserved_at":9,"published_at":95,"modified_at":96,"state":9,"summary":97,"references_raw":99,"kevs":160,"epss":9,"epss_history":161,"metrics":162,"affected":163},"MGASA-2018-0480","Updated thunderbird packages fix security issues & bugs\n\n- Buffer overflow using computed size of canvas element. (CVE-2018-12359)\n\n- Use-after-free when using focus(). (CVE-2018-12360)\n\n- Integer overflow in SwizzleData. (CVE-2018-12361)\n\n- Integer overflow in SSSE3 scaler. (CVE-2018-12362)\n\n- Media recorder segmentation fault when track type is changed during\ncapture. (CVE-2018-5156)\n\n- Use-after-free when appending DOM nodes. (CVE-2018-12363)\n\n- CSRF attacks through 307 redirects and NPAPI plugins. (CVE-2018-12364)\n\n- Compromised IPC child process can list local filenames.\n(CVE-2018-12365)\n\n- Integer overflow in Skia library during edge builder allocation.\n(CVE-2018-12371)\n\n- Invalid data handling during QCMS transformations. (CVE-2018-12366)\n\n- Timing attack mitigation of PerformanceNavigationTiming.\n(CVE-2018-12367)\n\n- No warning when opening executable SettingContent-ms files.\n(CVE-2018-12368)\n\n- Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and\nThunderbird 60. (CVE-2018-5187)\n\n- Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, Firefox\nESR 52.9, and Thunderbird 60. (CVE-2018-5188)\n\n- Use-after-free in refresh driver timers. (CVE-2018-12377)\n\n- Use-after-free in IndexedDB. (CVE-2018-12378)\n\n- Out-of-bounds write with malicious MAR file. (CVE-2018-12379)\n\n- Proxy bypass using automount and autofs. (CVE-2017-16541)\n\n- Crash in TransportSecurityInfo due to cached data. (CVE-2018-12385)\n\n- Setting a master password post-Firefox 58 does not delete unencrypted\npreviously stored passwords. (CVE-2018-12383)\n\n- Memory safety bugs fixed in Firefox 62, Firefox ESR 60.2, and\nThunderbird 60.2.1. (CVE-2018-12376)\n\n- HTTP Live Stream audio data is accessible cross-origin.\n(CVE-2018-12391)\n\n- Crash with nested event loops. (CVE-2018-12392)\n\n- Integer overflow during Unicode conversion while loading JavaScript.\n(CVE-2018-12393)\n\n- Memory safety bugs fixed in Firefox ESR 60.3 and Thunderbird 60.3.\n(CVE-2018-12389)\n\n- Memory safety bugs fixed in Firefox 63, Firefox ESR 60.3, and\nThunderbird 60.3. (CVE-2018-12390)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64],{"_key":15},"CVE-2017-16541",{"_key":17},"CVE-2018-12359",{"_key":19},"CVE-2018-12360",{"_key":21},"CVE-2018-12361",{"_key":23},"CVE-2018-12362",{"_key":25},"CVE-2018-12363",{"_key":27},"CVE-2018-12364",{"_key":29},"CVE-2018-12365",{"_key":31},"CVE-2018-12366",{"_key":33},"CVE-2018-12367",{"_key":35},"CVE-2018-12368",{"_key":37},"CVE-2018-12371",{"_key":39},"CVE-2018-12376",{"_key":41},"CVE-2018-12377",{"_key":43},"CVE-2018-12378",{"_key":45},"CVE-2018-12379",{"_key":47},"CVE-2018-12383",{"_key":49},"CVE-2018-12385",{"_key":51},"CVE-2018-12389",{"_key":53},"CVE-2018-12390",{"_key":55},"CVE-2018-12391",{"_key":57},"CVE-2018-12392",{"_key":59},"CVE-2018-12393",{"_key":61},"CVE-2018-5156",{"_key":63},"CVE-2018-5187",{"_key":65},"CVE-2018-5188",[],[],[69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},"2018-12-15T21:29:48Z","2026-04-16T06:24:01.404935409Z",{"cisa_kev":98,"cisa_ransomware":98,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[100,106,111,116,120,124,128,132,136,140,144,148,152,156],{"url":101,"sources":102,"tags":104},"https://advisories.mageia.org/MGASA-2018-0480.html",[103],"osv_mageia",[105],"Advisory",{"url":107,"sources":108,"tags":109},"https://bugs.mageia.org/show_bug.cgi?id=23706",[103],[110],"REPORT",{"url":112,"sources":113,"tags":114},"https://www.thunderbird.net/en-US/thunderbird/60.3.0/releasenotes/",[103],[110,115],"WEB",{"url":117,"sources":118,"tags":119},"https://www.thunderbird.net/en-US/thunderbird/60.3.1/releasenotes/",[103],[110,115],{"url":121,"sources":122,"tags":123},"https://www.thunderbird.net/en-US/thunderbird/60.3.2/releasenotes/",[103],[110,115],{"url":125,"sources":126,"tags":127},"https://www.thunderbird.net/en-US/thunderbird/60.3.3/releasenotes/",[103],[110,115],{"url":129,"sources":130,"tags":131},"https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/",[103],[110,105],{"url":133,"sources":134,"tags":135},"https://www.mozilla.org/en-US/security/advisories/mfsa2018-25/",[103],[110,105],{"url":137,"sources":138,"tags":139},"https://www.mozilla.org/en-US/security/advisories/mfsa2018-28/",[103],[110,105],{"url":141,"sources":142,"tags":143},"https://www.debian.org/security/2018/dsa-4327",[103],[110,115],{"url":145,"sources":146,"tags":147},"https://access.redhat.com/errata/RHSA-2018:3458",[103],[110,115],{"url":149,"sources":150,"tags":151},"https://lists.opensuse.org/opensuse-updates/2018-11/msg00009.html",[103],[110,115],{"url":153,"sources":154,"tags":155},"https://access.redhat.com/errata/RHSA-2018:3532",[103],[110,115],{"url":157,"sources":158,"tags":159},"https://www.debian.org/security/2018/dsa-4337",[103],[110,115],[],[],[],[164,176],{"ecosystem":165,"name":166,"vendor":167,"product":166,"cpe_part":9,"purl_type":168,"purl_namespace":167,"purl_name":166,"source":9,"versions":169},"Mageia","thunderbird","mageia","rpm",[170],{"version":171,"is_range":172,"range_type":173,"version_start":9,"version_start_type":9,"version_end":174,"version_end_type":175,"fixed_in":9},"lt60_3_3_3_mga6",true,"ecosystem","60.3.3-3.mga6","excluding",{"ecosystem":165,"name":177,"vendor":167,"product":177,"cpe_part":9,"purl_type":168,"purl_namespace":167,"purl_name":177,"source":9,"versions":178},"thunderbird-l10n",[179],{"version":180,"is_range":172,"range_type":173,"version_start":9,"version_start_type":9,"version_end":181,"version_end_type":175,"fixed_in":9},"lt60_3_3_1_mga6","60.3.3-1.mga6"]