[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2019-0088":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":22,"duplicates":23,"related":24,"reserved_at":9,"published_at":29,"modified_at":30,"state":9,"summary":31,"references_raw":33,"kevs":54,"epss":9,"epss_history":55,"metrics":56,"affected":57},"MGASA-2019-0088","Updated thunderbird packages fix security vulnerability\n\nA use-after-free vulnerability in the Skia library can occur when creating\na path, leading to a potentially exploitable crash. (CVE-2018-18356)\n\nAn integer overflow vulnerability in the Skia library can occur after\nspecific transform operations, leading to a potentially exploitable crash.\n(CVE-2019-5785)\n\nA buffer overflow vulnerability in the Skia library can occur with Canvas\n2D acceleration on macOS. This issue was addressed by disabling Canvas 2D\nacceleration in Firefox ESR. (CVE-2018-18335)\n\nA flaw during verification of certain S/MIME signatures causes emails to\nbe shown in Thunderbird as having a valid digital signature, even if the\nshown message contents aren't covered by the signature. The flaw allows an\nattacker to reuse a valid S/MIME signature to craft an email message with\narbitrary content. (CVE-2018-18509)\n",null,[],[],[],[14,16,18,20],{"_key":15},"CVE-2018-18335",{"_key":17},"CVE-2018-18356",{"_key":19},"CVE-2018-18509",{"_key":21},"CVE-2019-5785",[],[],[25,26,27,28],{"_key":15},{"_key":17},{"_key":19},{"_key":21},"2019-02-17T17:17:45Z","2026-04-16T04:26:31.368887Z",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[34,40,45,50],{"url":35,"sources":36,"tags":38},"https://advisories.mageia.org/MGASA-2019-0088.html",[37],"osv_mageia",[39],"Advisory",{"url":41,"sources":42,"tags":43},"https://bugs.mageia.org/show_bug.cgi?id=24360",[37],[44],"REPORT",{"url":46,"sources":47,"tags":48},"https://www.thunderbird.net/en-US/thunderbird/60.5.1/releasenotes/",[37],[44,49],"WEB",{"url":51,"sources":52,"tags":53},"https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/",[37],[44,39],[],[],[],[58,70],{"ecosystem":59,"name":60,"vendor":61,"product":60,"cpe_part":9,"purl_type":62,"purl_namespace":61,"purl_name":60,"source":9,"versions":63},"Mageia","thunderbird","mageia","rpm",[64],{"version":65,"is_range":66,"range_type":67,"version_start":9,"version_start_type":9,"version_end":68,"version_end_type":69,"fixed_in":9},"lt60_5_1_1_mga6",true,"ecosystem","60.5.1-1.mga6","excluding",{"ecosystem":59,"name":71,"vendor":61,"product":71,"cpe_part":9,"purl_type":62,"purl_namespace":61,"purl_name":71,"source":9,"versions":72},"thunderbird-l10n",[73],{"version":65,"is_range":66,"range_type":67,"version_start":9,"version_start_type":9,"version_end":68,"version_end_type":69,"fixed_in":9}]