Vulnerability-Lookup

CVE-2018-5178 (GCVE-0-2018-5178)

Vulnerability from cvelistv5 – Published: 2018-06-11 21:00 – Updated: 2024-08-05 05:26

Summary

A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.

Severity

No CVSS data available.

CWE

Buffer overflow during UTF-8 to Unicode string conversion through legacy extension

Assigner

mozilla

References

16 references

URL	Tags
https://access.redhat.com/errata/RHSA-2018:1415	vendor-advisoryx_refsource_REDHAT
https://security.gentoo.org/glsa/201810-01	vendor-advisoryx_refsource_GENTOO
https://access.redhat.com/errata/RHSA-2018:1726	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2018:1414	vendor-advisoryx_refsource_REDHAT
https://security.gentoo.org/glsa/201811-13	vendor-advisoryx_refsource_GENTOO
https://www.mozilla.org/security/advisories/mfsa2…	x_refsource_CONFIRM
https://usn.ubuntu.com/3660-1/	vendor-advisoryx_refsource_UBUNTU
http://www.securitytracker.com/id/1040898	vdb-entryx_refsource_SECTRACK
https://www.debian.org/security/2018/dsa-4199	vendor-advisoryx_refsource_DEBIAN
https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2018:1725	vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/104138	vdb-entryx_refsource_BID
https://www.debian.org/security/2018/dsa-4209	vendor-advisoryx_refsource_DEBIAN
https://www.mozilla.org/security/advisories/mfsa2…	x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=1443891	x_refsource_CONFIRM

Impacted products

3 products

Vendor	Product	Version
Mozilla	Thunderbird ESR	Affected: unspecified , < 52.8 (custom)
Mozilla	Thunderbird	Affected: unspecified , < 52.8 (custom)
Mozilla	Firefox ESR	Affected: unspecified , < 52.8 (custom)

Date Public

2018-05-09 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:26:46.980Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:1415",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1415"
          },
          {
            "name": "GLSA-201810-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201810-01"
          },
          {
            "name": "RHSA-2018:1726",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1726"
          },
          {
            "name": "RHSA-2018:1414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1414"
          },
          {
            "name": "GLSA-201811-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201811-13"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2018-13/"
          },
          {
            "name": "USN-3660-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3660-1/"
          },
          {
            "name": "1040898",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040898"
          },
          {
            "name": "DSA-4199",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4199"
          },
          {
            "name": "[debian-lts-announce] 20180525 [SECURITY] [DLA 1382-1] thunderbird security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html"
          },
          {
            "name": "[debian-lts-announce] 20180511 [SECURITY] [DLA 1376-1] firefox-esr security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html"
          },
          {
            "name": "RHSA-2018:1725",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1725"
          },
          {
            "name": "104138",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104138"
          },
          {
            "name": "DSA-4209",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4209"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1443891"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Thunderbird ESR",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "52.8",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "52.8",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Firefox ESR",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "52.8",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-05-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer overflow during UTF-8 to Unicode string conversion through legacy extension",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-25T10:57:01.000Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "name": "RHSA-2018:1415",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        },
        {
          "name": "GLSA-201810-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201810-01"
        },
        {
          "name": "RHSA-2018:1726",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        },
        {
          "name": "RHSA-2018:1414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        },
        {
          "name": "GLSA-201811-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201811-13"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mozilla.org/security/advisories/mfsa2018-13/"
        },
        {
          "name": "USN-3660-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3660-1/"
        },
        {
          "name": "1040898",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040898"
        },
        {
          "name": "DSA-4199",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4199"
        },
        {
          "name": "[debian-lts-announce] 20180525 [SECURITY] [DLA 1382-1] thunderbird security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html"
        },
        {
          "name": "[debian-lts-announce] 20180511 [SECURITY] [DLA 1376-1] firefox-esr security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html"
        },
        {
          "name": "RHSA-2018:1725",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        },
        {
          "name": "104138",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104138"
        },
        {
          "name": "DSA-4209",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4209"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1443891"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@mozilla.org",
          "ID": "CVE-2018-5178",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Thunderbird ESR",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "52.8"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Thunderbird",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "52.8"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Firefox ESR",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "52.8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Mozilla"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow during UTF-8 to Unicode string conversion through legacy extension"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:1415",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1415"
            },
            {
              "name": "GLSA-201810-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201810-01"
            },
            {
              "name": "RHSA-2018:1726",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1726"
            },
            {
              "name": "RHSA-2018:1414",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1414"
            },
            {
              "name": "GLSA-201811-13",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201811-13"
            },
            {
              "name": "https://www.mozilla.org/security/advisories/mfsa2018-13/",
              "refsource": "CONFIRM",
              "url": "https://www.mozilla.org/security/advisories/mfsa2018-13/"
            },
            {
              "name": "USN-3660-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3660-1/"
            },
            {
              "name": "1040898",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040898"
            },
            {
              "name": "DSA-4199",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4199"
            },
            {
              "name": "[debian-lts-announce] 20180525 [SECURITY] [DLA 1382-1] thunderbird security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html"
            },
            {
              "name": "[debian-lts-announce] 20180511 [SECURITY] [DLA 1376-1] firefox-esr security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html"
            },
            {
              "name": "RHSA-2018:1725",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1725"
            },
            {
              "name": "104138",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104138"
            },
            {
              "name": "DSA-4209",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4209"
            },
            {
              "name": "https://www.mozilla.org/security/advisories/mfsa2018-12/",
              "refsource": "CONFIRM",
              "url": "https://www.mozilla.org/security/advisories/mfsa2018-12/"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1443891",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1443891"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2018-5178",
    "datePublished": "2018-06-11T21:00:00.000Z",
    "dateReserved": "2018-01-03T00:00:00.000Z",
    "dateUpdated": "2024-08-05T05:26:46.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-5178",
      "date": "2026-05-27",
      "epss": "0.18164",
      "percentile": "0.95285"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16F59A04-14CF-49E2-9973-645477EA09DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"52.8.0\", \"matchCriteriaId\": \"8C5C0488-40EF-4034-8F6D-6BFFF4B379F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"52.8.0\", \"matchCriteriaId\": \"6216B631-0AF7-4438-8575-F23342715F8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"52.8.0\", \"matchCriteriaId\": \"5B2A31F2-59B8-4342-B81D-E85DF72EE51A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9070C9D8-A14A-467F-8253-33B966C16886\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BBCD86A-E6C7-4444-9D74-F861084090F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B353CE99-D57C-465B-AAB0-73EF581127D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.\"}, {\"lang\": \"es\", \"value\": \"Se ha encontrado un desbordamiento de b\\u00fafer durante la conversi\\u00f3n de cadenas UTF8 a Unicode dentro de JavaScript con cantidades de datos extremadamente grandes. Esta vulnerabilidad requiere el uso de una extensi\\u00f3n heredada maliciosa o vulnerable para que se produzca. Esta vulnerabilidad afecta a las versiones anteriores a la 52.8 de Thunderbird ESR, las versiones anteriores a la 52.8 de Thunderbird y las versiones anteriores a la 52.8 de Firefox ESR.\"}]",
      "id": "CVE-2018-5178",
      "lastModified": "2024-11-21T04:08:16.693",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-06-11T21:29:16.203",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/104138\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1040898\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1414\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1415\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1725\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1726\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1443891\", \"source\": \"security@mozilla.org\", \"tags\": [\"Issue Tracking\", \"Permissions Required\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html\", \"source\": \"security@mozilla.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201810-01\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201811-13\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3660-1/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4199\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4209\", \"source\": \"security@mozilla.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2018-12/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2018-13/\", \"source\": \"security@mozilla.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/104138\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1040898\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1414\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1415\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1725\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1726\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.mozilla.org/show_bug.cgi?id=1443891\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Permissions Required\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201810-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201811-13\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3660-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4199\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4209\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2018-12/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.mozilla.org/security/advisories/mfsa2018-13/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@mozilla.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-5178\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2018-06-11T21:29:16.203\",\"lastModified\":\"2025-11-25T17:50:16.803\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.\"},{\"lang\":\"es\",\"value\":\"Se ha encontrado un desbordamiento de b\u00fafer durante la conversi\u00f3n de cadenas UTF8 a Unicode dentro de JavaScript con cantidades de datos extremadamente grandes. Esta vulnerabilidad requiere el uso de una extensi\u00f3n heredada maliciosa o vulnerable para que se produzca. Esta vulnerabilidad afecta a las versiones anteriores a la 52.8 de Thunderbird ESR, las versiones anteriores a la 52.8 de Thunderbird y las versiones anteriores a la 52.8 de Firefox ESR.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"52.8.0\",\"matchCriteriaId\":\"7D3CA9AE-459C-4375-91EB-CD724368798D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"52.8.0\",\"matchCriteriaId\":\"6216B631-0AF7-4438-8575-F23342715F8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird_esr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"52.8.0\",\"matchCriteriaId\":\"5B2A31F2-59B8-4342-B81D-E85DF72EE51A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/104138\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040898\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1414\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1415\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1725\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1726\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1443891\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201810-01\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201811-13\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3660-1/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4199\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4209\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-12/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-13/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040898\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1415\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1725\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1726\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1443891\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/05/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201810-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201811-13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3660-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4199\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4209\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-12/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2018-13/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

RHSA-2018:1414

Vulnerability from csaf_redhat - Published: 2018-05-14 14:48 - Updated: 2025-11-25 18:21

Summary

Red Hat Security Advisory: firefox security update

Severity

Critical

Notes

Topic: An update for firefox is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.8.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150) * Mozilla: Backport critical security fixes in Skia (CVE-2018-5183) * Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154) * Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155) * Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157) * Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158) * Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159) * Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168) * Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2018-5150

Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5154

A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5155

A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5157

Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-829 - Inclusion of Functionality from Untrusted Control Sphere

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5158

The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5159

An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5168

Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8.

6.1 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5178

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5183

Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Critical

References

58 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:1414	self
https://access.redhat.com/security/updates/classi…	external
https://www.mozilla.org/en-US/security/advisories…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576258	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576259	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2018-5150	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://www.cve.org/CVERecord?id=CVE-2018-5150	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5150	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5154	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://www.cve.org/CVERecord?id=CVE-2018-5154	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5154	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5155	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://www.cve.org/CVERecord?id=CVE-2018-5155	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5155	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5157	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576258	external
https://www.cve.org/CVERecord?id=CVE-2018-5157	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5157	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5158	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576259	external
https://www.cve.org/CVERecord?id=CVE-2018-5158	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5158	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5159	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://www.cve.org/CVERecord?id=CVE-2018-5159	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5159	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5168	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://www.cve.org/CVERecord?id=CVE-2018-5168	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5168	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5178	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://www.cve.org/CVERecord?id=CVE-2018-5178	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5178	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://www.cve.org/CVERecord?id=CVE-2018-5183	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5183	external
https://www.mozilla.org/en-US/security/advisories…	external

Acknowledgments

the Mozilla project

Christoph Diehl Randell Jesup Tyson Smith Alex Gaynor Ronald Crane Julian Hector Kannan Vijayan Jason Kratzer

Nils

Wladimir Palant

Ivan Fratric

Root Object

Mozilla Developers

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for firefox is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1414",
        "url": "https://access.redhat.com/errata/RHSA-2018:1414"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/"
      },
      {
        "category": "external",
        "summary": "1576250",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
      },
      {
        "category": "external",
        "summary": "1576255",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
      },
      {
        "category": "external",
        "summary": "1576257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
      },
      {
        "category": "external",
        "summary": "1576258",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258"
      },
      {
        "category": "external",
        "summary": "1576259",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259"
      },
      {
        "category": "external",
        "summary": "1576260",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
      },
      {
        "category": "external",
        "summary": "1576269",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
      },
      {
        "category": "external",
        "summary": "1576278",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
      },
      {
        "category": "external",
        "summary": "1576283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1414.json"
      }
    ],
    "title": "Red Hat Security Advisory: firefox security update",
    "tracking": {
      "current_release_date": "2025-11-25T18:21:40+00:00",
      "generator": {
        "date": "2025-11-25T18:21:40+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2018:1414",
      "initial_release_date": "2018-05-14T14:48:05+00:00",
      "revision_history": [
        {
          "date": "2018-05-14T14:48:05+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-14T14:48:05+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-25T18:21:40+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                  "product_id": "6Client-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                  "product_id": "6Client-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                  "product_id": "6ComputeNode-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                  "product_id": "6Server-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                  "product_id": "6Workstation-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.x86_64",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.x86_64",
                  "product_id": "firefox-0:52.8.0-1.el6_9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.i686",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.i686",
                  "product_id": "firefox-0:52.8.0-1.el6_9.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.src",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.src",
                  "product_id": "firefox-0:52.8.0-1.el6_9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.ppc",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.ppc",
                  "product_id": "firefox-0:52.8.0-1.el6_9.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.s390",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.s390",
                  "product_id": "firefox-0:52.8.0-1.el6_9.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.s390x",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.s390x",
                  "product_id": "firefox-0:52.8.0-1.el6_9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.ppc64",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.ppc64",
                  "product_id": "firefox-0:52.8.0-1.el6_9.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Christoph Diehl",
            "Randell Jesup",
            "Tyson Smith",
            "Alex Gaynor",
            "Ronald Crane",
            "Julian Hector",
            "Kannan Vijayan",
            "Jason Kratzer"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5150",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576250"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576250",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5154",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576255"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and clip paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576255",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and clip paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5155",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576257"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and text paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576257",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and text paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5157",
      "cwe": {
        "id": "CWE-829",
        "name": "Inclusion of Functionality from Untrusted Control Sphere"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576258"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576258",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5157",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5158",
      "cwe": {
        "id": "CWE-95",
        "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576259"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576259",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5158",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Ivan Fratric"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5159",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576260"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Integer overflow and out-of-bounds write in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576260",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Integer overflow and out-of-bounds write in Skia"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5168",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576269"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Lightweight themes can be installed without user interaction",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576269",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Lightweight themes can be installed without user interaction"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Root Object"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5178",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576278"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576278",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Mozilla Developers"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5183",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Backport critical security fixes in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Backport critical security fixes in Skia"
    }
  ]
}

RHSA-2018:1415

Vulnerability from csaf_redhat - Published: 2018-05-14 15:19 - Updated: 2025-11-25 18:21

Summary

Red Hat Security Advisory: firefox security update

Severity

Critical

Notes

Topic: An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

CVE-2018-5150

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5154

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5155

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5157

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-829 - Inclusion of Functionality from Untrusted Control Sphere

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5158

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5159

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5168

6.1 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5178

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5183

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Critical

References

58 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:1415	self
https://access.redhat.com/security/updates/classi…	external
https://www.mozilla.org/en-US/security/advisories…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576258	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576259	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2018-5150	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://www.cve.org/CVERecord?id=CVE-2018-5150	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5150	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5154	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://www.cve.org/CVERecord?id=CVE-2018-5154	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5154	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5155	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://www.cve.org/CVERecord?id=CVE-2018-5155	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5155	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5157	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576258	external
https://www.cve.org/CVERecord?id=CVE-2018-5157	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5157	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5158	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576259	external
https://www.cve.org/CVERecord?id=CVE-2018-5158	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5158	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5159	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://www.cve.org/CVERecord?id=CVE-2018-5159	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5159	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5168	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://www.cve.org/CVERecord?id=CVE-2018-5168	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5168	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5178	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://www.cve.org/CVERecord?id=CVE-2018-5178	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5178	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://www.cve.org/CVERecord?id=CVE-2018-5183	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5183	external
https://www.mozilla.org/en-US/security/advisories…	external

Acknowledgments

the Mozilla project

Christoph Diehl Randell Jesup Tyson Smith Alex Gaynor Ronald Crane Julian Hector Kannan Vijayan Jason Kratzer

Nils

Wladimir Palant

Ivan Fratric

Root Object

Mozilla Developers

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for firefox is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1415",
        "url": "https://access.redhat.com/errata/RHSA-2018:1415"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/"
      },
      {
        "category": "external",
        "summary": "1576250",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
      },
      {
        "category": "external",
        "summary": "1576255",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
      },
      {
        "category": "external",
        "summary": "1576257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
      },
      {
        "category": "external",
        "summary": "1576258",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258"
      },
      {
        "category": "external",
        "summary": "1576259",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259"
      },
      {
        "category": "external",
        "summary": "1576260",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
      },
      {
        "category": "external",
        "summary": "1576269",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
      },
      {
        "category": "external",
        "summary": "1576278",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
      },
      {
        "category": "external",
        "summary": "1576283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1415.json"
      }
    ],
    "title": "Red Hat Security Advisory: firefox security update",
    "tracking": {
      "current_release_date": "2025-11-25T18:21:45+00:00",
      "generator": {
        "date": "2025-11-25T18:21:45+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2018:1415",
      "initial_release_date": "2018-05-14T15:19:04+00:00",
      "revision_history": [
        {
          "date": "2018-05-14T15:19:04+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-14T15:19:04+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-25T18:21:45+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client (v. 7)",
                  "product_id": "7Client-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                  "product_id": "7Client-optional-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
                  "product_id": "7Server-Alt-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                  "product_id": "7Server-optional-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
                  "product_id": "7Server-optional-Alt-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                  "product_id": "7Workstation-optional-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.x86_64",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.x86_64",
                  "product_id": "firefox-0:52.8.0-1.el7_5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.src",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.src",
                  "product_id": "firefox-0:52.8.0-1.el7_5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.i686",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.i686",
                  "product_id": "firefox-0:52.8.0-1.el7_5.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.s390x",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.s390x",
                  "product_id": "firefox-0:52.8.0-1.el7_5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.ppc64",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.ppc64",
                  "product_id": "firefox-0:52.8.0-1.el7_5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.ppc64le",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.ppc64le",
                  "product_id": "firefox-0:52.8.0-1.el7_5.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.aarch64",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.aarch64",
                  "product_id": "firefox-0:52.8.0-1.el7_5.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.s390",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.s390",
                  "product_id": "firefox-0:52.8.0-1.el7_5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Christoph Diehl",
            "Randell Jesup",
            "Tyson Smith",
            "Alex Gaynor",
            "Ronald Crane",
            "Julian Hector",
            "Kannan Vijayan",
            "Jason Kratzer"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5150",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576250"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576250",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5154",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576255"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and clip paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576255",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and clip paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5155",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576257"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and text paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576257",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and text paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5157",
      "cwe": {
        "id": "CWE-829",
        "name": "Inclusion of Functionality from Untrusted Control Sphere"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576258"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576258",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5157",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5158",
      "cwe": {
        "id": "CWE-95",
        "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576259"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576259",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5158",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Ivan Fratric"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5159",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576260"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Integer overflow and out-of-bounds write in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576260",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Integer overflow and out-of-bounds write in Skia"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5168",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576269"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Lightweight themes can be installed without user interaction",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576269",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Lightweight themes can be installed without user interaction"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Root Object"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5178",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576278"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576278",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Mozilla Developers"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5183",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Backport critical security fixes in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Backport critical security fixes in Skia"
    }
  ]
}

RHSA-2018:1725

Vulnerability from csaf_redhat - Published: 2018-05-24 19:31 - Updated: 2025-11-25 18:21

Summary

Red Hat Security Advisory: thunderbird security update

Severity

Important

Notes

Topic: An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.8.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150) * Mozilla: Backport critical security fixes in Skia (CVE-2018-5183) * Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154) * Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155) * Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159) * Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184) * Mozilla: Hang via malformed headers (CVE-2018-5161) * Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162) * Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168) * Mozilla: Filename spoofing for external attachments (CVE-2018-5170) * Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178) * Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank the Mozilla project for reporting CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as the original reporters.

CVE-2018-5150

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5154

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5155

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5159

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5161

Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

4.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE-20 - Improper Input Validation

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5162

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5168

6.1 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5170

It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

4.2 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE-20 - Improper Input Validation

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5178

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5183

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5184

Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5185

Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Low

References

75 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:1725	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580236	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580237	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580239	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580240	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580241	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2018-5150	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://www.cve.org/CVERecord?id=CVE-2018-5150	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5150	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5154	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://www.cve.org/CVERecord?id=CVE-2018-5154	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5154	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5155	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://www.cve.org/CVERecord?id=CVE-2018-5155	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5155	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5159	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://www.cve.org/CVERecord?id=CVE-2018-5159	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5159	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5161	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580237	external
https://www.cve.org/CVERecord?id=CVE-2018-5161	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5161	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5162	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580239	external
https://www.cve.org/CVERecord?id=CVE-2018-5162	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5162	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5168	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://www.cve.org/CVERecord?id=CVE-2018-5168	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5168	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5170	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580240	external
https://www.cve.org/CVERecord?id=CVE-2018-5170	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5170	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5178	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://www.cve.org/CVERecord?id=CVE-2018-5178	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5178	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://www.cve.org/CVERecord?id=CVE-2018-5183	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5183	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5184	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580236	external
https://www.cve.org/CVERecord?id=CVE-2018-5184	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5184	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5185	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580241	external
https://www.cve.org/CVERecord?id=CVE-2018-5185	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5185	external
https://www.mozilla.org/en-US/security/advisories…	external

Acknowledgments

the Mozilla project

Christoph Diehl Randell Jesup Tyson Smith Alex Gaynor Ronald Crane Julian Hector Kannan Vijayan Jason Kratzer

Nils

Ivan Fratric

Wladimir Palant

Root Object

Mozilla Developers

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for thunderbird is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as the original reporters.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1725",
        "url": "https://access.redhat.com/errata/RHSA-2018:1725"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1576250",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
      },
      {
        "category": "external",
        "summary": "1576255",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
      },
      {
        "category": "external",
        "summary": "1576257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
      },
      {
        "category": "external",
        "summary": "1576260",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
      },
      {
        "category": "external",
        "summary": "1576269",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
      },
      {
        "category": "external",
        "summary": "1576278",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
      },
      {
        "category": "external",
        "summary": "1576283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
      },
      {
        "category": "external",
        "summary": "1580236",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580236"
      },
      {
        "category": "external",
        "summary": "1580237",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580237"
      },
      {
        "category": "external",
        "summary": "1580239",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580239"
      },
      {
        "category": "external",
        "summary": "1580240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580240"
      },
      {
        "category": "external",
        "summary": "1580241",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580241"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1725.json"
      }
    ],
    "title": "Red Hat Security Advisory: thunderbird security update",
    "tracking": {
      "current_release_date": "2025-11-25T18:21:41+00:00",
      "generator": {
        "date": "2025-11-25T18:21:41+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2018:1725",
      "initial_release_date": "2018-05-24T19:31:49+00:00",
      "revision_history": [
        {
          "date": "2018-05-24T19:31:49+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-24T19:31:49+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-25T18:21:41+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client (v. 7)",
                  "product_id": "7Client-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                  "product_id": "7Server-optional-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
                  "product_id": "7Server-optional-Alt-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-1.el7_5.x86_64",
                "product": {
                  "name": "thunderbird-0:52.8.0-1.el7_5.x86_64",
                  "product_id": "thunderbird-0:52.8.0-1.el7_5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-1.el7_5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-1.el7_5?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-1.el7_5.src",
                "product": {
                  "name": "thunderbird-0:52.8.0-1.el7_5.src",
                  "product_id": "thunderbird-0:52.8.0-1.el7_5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-1.el7_5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
                "product": {
                  "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
                  "product_id": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-1.el7_5?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-1.el7_5?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-1.el7_5.aarch64",
                "product": {
                  "name": "thunderbird-0:52.8.0-1.el7_5.aarch64",
                  "product_id": "thunderbird-0:52.8.0-1.el7_5.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-1.el7_5?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-1.el7_5?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Christoph Diehl",
            "Randell Jesup",
            "Tyson Smith",
            "Alex Gaynor",
            "Ronald Crane",
            "Julian Hector",
            "Kannan Vijayan",
            "Jason Kratzer"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5150",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576250"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576250",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5154",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576255"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and clip paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576255",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and clip paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5155",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576257"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and text paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576257",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and text paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Ivan Fratric"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5159",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576260"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Integer overflow and out-of-bounds write in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576260",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Integer overflow and out-of-bounds write in Skia"
    },
    {
      "cve": "CVE-2018-5161",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580237"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Hang via malformed headers",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580237",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580237"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5161",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5161",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Hang via malformed headers"
    },
    {
      "cve": "CVE-2018-5162",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580239"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Encrypted mail leaks plaintext through src attribute",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580239",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580239"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5162",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5162",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Encrypted mail leaks plaintext through src attribute"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5168",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576269"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Lightweight themes can be installed without user interaction",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576269",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Lightweight themes can be installed without user interaction"
    },
    {
      "cve": "CVE-2018-5170",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580240"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Filename spoofing for external attachments",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580240",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580240"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5170",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5170",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Filename spoofing for external attachments"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Root Object"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5178",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576278"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576278",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Mozilla Developers"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5183",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Backport critical security fixes in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Backport critical security fixes in Skia"
    },
    {
      "cve": "CVE-2018-5184",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580236"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580236",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580236"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5184",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5184",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack"
    },
    {
      "cve": "CVE-2018-5185",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580241"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Leaking plaintext through HTML forms",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580241",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580241"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5185",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5185",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "Mozilla: Leaking plaintext through HTML forms"
    }
  ]
}

RHSA-2018:1726

Vulnerability from csaf_redhat - Published: 2018-05-24 19:59 - Updated: 2025-11-25 18:21

Summary

Red Hat Security Advisory: thunderbird security update

Severity

Important

Notes

Topic: An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

CVE-2018-5150

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5154

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5155

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5159

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5161

Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

4.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE-20 - Improper Input Validation

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5162

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5168

6.1 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5170

4.2 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE-20 - Improper Input Validation

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5178

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5183

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5184

Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5185

Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Low

References

75 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:1726	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580236	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580237	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580239	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580240	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580241	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2018-5150	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://www.cve.org/CVERecord?id=CVE-2018-5150	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5150	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5154	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://www.cve.org/CVERecord?id=CVE-2018-5154	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5154	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5155	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://www.cve.org/CVERecord?id=CVE-2018-5155	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5155	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5159	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://www.cve.org/CVERecord?id=CVE-2018-5159	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5159	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5161	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580237	external
https://www.cve.org/CVERecord?id=CVE-2018-5161	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5161	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5162	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580239	external
https://www.cve.org/CVERecord?id=CVE-2018-5162	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5162	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5168	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://www.cve.org/CVERecord?id=CVE-2018-5168	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5168	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5170	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580240	external
https://www.cve.org/CVERecord?id=CVE-2018-5170	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5170	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5178	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://www.cve.org/CVERecord?id=CVE-2018-5178	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5178	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://www.cve.org/CVERecord?id=CVE-2018-5183	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5183	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5184	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580236	external
https://www.cve.org/CVERecord?id=CVE-2018-5184	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5184	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5185	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580241	external
https://www.cve.org/CVERecord?id=CVE-2018-5185	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5185	external
https://www.mozilla.org/en-US/security/advisories…	external

Acknowledgments

the Mozilla project

Christoph Diehl Randell Jesup Tyson Smith Alex Gaynor Ronald Crane Julian Hector Kannan Vijayan Jason Kratzer

Nils

Ivan Fratric

Wladimir Palant

Root Object

Mozilla Developers

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for thunderbird is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as the original reporters.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1726",
        "url": "https://access.redhat.com/errata/RHSA-2018:1726"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1576250",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
      },
      {
        "category": "external",
        "summary": "1576255",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
      },
      {
        "category": "external",
        "summary": "1576257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
      },
      {
        "category": "external",
        "summary": "1576260",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
      },
      {
        "category": "external",
        "summary": "1576269",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
      },
      {
        "category": "external",
        "summary": "1576278",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
      },
      {
        "category": "external",
        "summary": "1576283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
      },
      {
        "category": "external",
        "summary": "1580236",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580236"
      },
      {
        "category": "external",
        "summary": "1580237",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580237"
      },
      {
        "category": "external",
        "summary": "1580239",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580239"
      },
      {
        "category": "external",
        "summary": "1580240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580240"
      },
      {
        "category": "external",
        "summary": "1580241",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580241"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1726.json"
      }
    ],
    "title": "Red Hat Security Advisory: thunderbird security update",
    "tracking": {
      "current_release_date": "2025-11-25T18:21:41+00:00",
      "generator": {
        "date": "2025-11-25T18:21:41+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2018:1726",
      "initial_release_date": "2018-05-24T19:59:01+00:00",
      "revision_history": [
        {
          "date": "2018-05-24T19:59:01+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-24T19:59:01+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-25T18:21:41+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                  "product_id": "6Client-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                  "product_id": "6Server-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-2.el6_9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-2.el6_9.x86_64",
                "product": {
                  "name": "thunderbird-0:52.8.0-2.el6_9.x86_64",
                  "product_id": "thunderbird-0:52.8.0-2.el6_9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-2.el6_9?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-2.el6_9?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-2.el6_9.i686",
                "product": {
                  "name": "thunderbird-0:52.8.0-2.el6_9.i686",
                  "product_id": "thunderbird-0:52.8.0-2.el6_9.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-2.el6_9?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-2.el6_9.src",
                "product": {
                  "name": "thunderbird-0:52.8.0-2.el6_9.src",
                  "product_id": "thunderbird-0:52.8.0-2.el6_9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-2.el6_9?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-2.el6_9?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-2.el6_9.s390x",
                "product": {
                  "name": "thunderbird-0:52.8.0-2.el6_9.s390x",
                  "product_id": "thunderbird-0:52.8.0-2.el6_9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-2.el6_9?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-2.el6_9?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-2.el6_9.ppc64",
                "product": {
                  "name": "thunderbird-0:52.8.0-2.el6_9.ppc64",
                  "product_id": "thunderbird-0:52.8.0-2.el6_9.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-2.el6_9?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.src",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.src",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.src",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Christoph Diehl",
            "Randell Jesup",
            "Tyson Smith",
            "Alex Gaynor",
            "Ronald Crane",
            "Julian Hector",
            "Kannan Vijayan",
            "Jason Kratzer"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5150",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576250"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576250",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5154",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576255"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and clip paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576255",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and clip paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5155",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576257"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and text paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576257",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and text paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Ivan Fratric"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5159",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576260"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Integer overflow and out-of-bounds write in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576260",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Integer overflow and out-of-bounds write in Skia"
    },
    {
      "cve": "CVE-2018-5161",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580237"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Hang via malformed headers",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580237",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580237"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5161",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5161",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Hang via malformed headers"
    },
    {
      "cve": "CVE-2018-5162",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580239"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Encrypted mail leaks plaintext through src attribute",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580239",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580239"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5162",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5162",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Encrypted mail leaks plaintext through src attribute"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5168",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576269"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Lightweight themes can be installed without user interaction",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576269",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Lightweight themes can be installed without user interaction"
    },
    {
      "cve": "CVE-2018-5170",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580240"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Filename spoofing for external attachments",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580240",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580240"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5170",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5170",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Filename spoofing for external attachments"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Root Object"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5178",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576278"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576278",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Mozilla Developers"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5183",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Backport critical security fixes in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Backport critical security fixes in Skia"
    },
    {
      "cve": "CVE-2018-5184",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580236"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580236",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580236"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5184",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5184",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack"
    },
    {
      "cve": "CVE-2018-5185",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580241"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Leaking plaintext through HTML forms",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580241",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580241"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5185",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5185",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "Mozilla: Leaking plaintext through HTML forms"
    }
  ]
}

RHSA-2018_1414

Vulnerability from csaf_redhat - Published: 2018-05-14 14:48 - Updated: 2024-11-22 11:58

Summary

Red Hat Security Advisory: firefox security update

Severity

Critical

Notes

CVE-2018-5150

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5154

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5155

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5157

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-829 - Inclusion of Functionality from Untrusted Control Sphere

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5158

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5159

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5168

6.1 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5178

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5183

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 91 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Critical

References

58 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:1414	self
https://access.redhat.com/security/updates/classi…	external
https://www.mozilla.org/en-US/security/advisories…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576258	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576259	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2018-5150	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://www.cve.org/CVERecord?id=CVE-2018-5150	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5150	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5154	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://www.cve.org/CVERecord?id=CVE-2018-5154	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5154	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5155	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://www.cve.org/CVERecord?id=CVE-2018-5155	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5155	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5157	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576258	external
https://www.cve.org/CVERecord?id=CVE-2018-5157	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5157	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5158	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576259	external
https://www.cve.org/CVERecord?id=CVE-2018-5158	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5158	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5159	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://www.cve.org/CVERecord?id=CVE-2018-5159	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5159	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5168	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://www.cve.org/CVERecord?id=CVE-2018-5168	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5168	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5178	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://www.cve.org/CVERecord?id=CVE-2018-5178	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5178	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://www.cve.org/CVERecord?id=CVE-2018-5183	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5183	external
https://www.mozilla.org/en-US/security/advisories…	external

Acknowledgments

the Mozilla project

Christoph Diehl Randell Jesup Tyson Smith Alex Gaynor Ronald Crane Julian Hector Kannan Vijayan Jason Kratzer

Nils

Wladimir Palant

Ivan Fratric

Root Object

Mozilla Developers

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for firefox is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1414",
        "url": "https://access.redhat.com/errata/RHSA-2018:1414"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/"
      },
      {
        "category": "external",
        "summary": "1576250",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
      },
      {
        "category": "external",
        "summary": "1576255",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
      },
      {
        "category": "external",
        "summary": "1576257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
      },
      {
        "category": "external",
        "summary": "1576258",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258"
      },
      {
        "category": "external",
        "summary": "1576259",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259"
      },
      {
        "category": "external",
        "summary": "1576260",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
      },
      {
        "category": "external",
        "summary": "1576269",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
      },
      {
        "category": "external",
        "summary": "1576278",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
      },
      {
        "category": "external",
        "summary": "1576283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1414.json"
      }
    ],
    "title": "Red Hat Security Advisory: firefox security update",
    "tracking": {
      "current_release_date": "2024-11-22T11:58:04+00:00",
      "generator": {
        "date": "2024-11-22T11:58:04+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2018:1414",
      "initial_release_date": "2018-05-14T14:48:05+00:00",
      "revision_history": [
        {
          "date": "2018-05-14T14:48:05+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-14T14:48:05+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T11:58:04+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                  "product_id": "6Client-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                  "product_id": "6Client-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                  "product_id": "6ComputeNode-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                  "product_id": "6Server-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                  "product_id": "6Workstation-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.x86_64",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.x86_64",
                  "product_id": "firefox-0:52.8.0-1.el6_9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.i686",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.i686",
                  "product_id": "firefox-0:52.8.0-1.el6_9.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.src",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.src",
                  "product_id": "firefox-0:52.8.0-1.el6_9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.ppc",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.ppc",
                  "product_id": "firefox-0:52.8.0-1.el6_9.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.s390",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.s390",
                  "product_id": "firefox-0:52.8.0-1.el6_9.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.s390x",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.s390x",
                  "product_id": "firefox-0:52.8.0-1.el6_9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el6_9?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el6_9.ppc64",
                "product": {
                  "name": "firefox-0:52.8.0-1.el6_9.ppc64",
                  "product_id": "firefox-0:52.8.0-1.el6_9.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el6_9?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.src",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.i686",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Christoph Diehl",
            "Randell Jesup",
            "Tyson Smith",
            "Alex Gaynor",
            "Ronald Crane",
            "Julian Hector",
            "Kannan Vijayan",
            "Jason Kratzer"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5150",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576250"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576250",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5154",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576255"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and clip paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576255",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and clip paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5155",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576257"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and text paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576257",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and text paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5157",
      "cwe": {
        "id": "CWE-829",
        "name": "Inclusion of Functionality from Untrusted Control Sphere"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576258"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576258",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5157",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5158",
      "cwe": {
        "id": "CWE-95",
        "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576259"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576259",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5158",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Ivan Fratric"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5159",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576260"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Integer overflow and out-of-bounds write in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576260",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Integer overflow and out-of-bounds write in Skia"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5168",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576269"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Lightweight themes can be installed without user interaction",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576269",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Lightweight themes can be installed without user interaction"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Root Object"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5178",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576278"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576278",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Mozilla Developers"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5183",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Backport critical security fixes in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
          "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
          "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T14:48:05+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1414"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Client-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Client-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6ComputeNode-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6ComputeNode-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Server-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Server-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.src",
            "6Workstation-optional-6.9.z:firefox-0:52.8.0-1.el6_9.x86_64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.i686",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.ppc64",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.s390x",
            "6Workstation-optional-6.9.z:firefox-debuginfo-0:52.8.0-1.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Backport critical security fixes in Skia"
    }
  ]
}

RHSA-2018_1415

Vulnerability from csaf_redhat - Published: 2018-05-14 15:19 - Updated: 2024-11-22 11:57

Summary

Red Hat Security Advisory: firefox security update

Severity

Critical

Notes

CVE-2018-5150

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5154

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5155

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5157

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-829 - Inclusion of Functionality from Untrusted Control Sphere

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5158

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5159

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5168

6.1 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5178

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5183

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 120 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x	—	Vendor Fix fix
Unresolved product id: 7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Critical

References

58 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:1415	self
https://access.redhat.com/security/updates/classi…	external
https://www.mozilla.org/en-US/security/advisories…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576258	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576259	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2018-5150	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://www.cve.org/CVERecord?id=CVE-2018-5150	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5150	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5154	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://www.cve.org/CVERecord?id=CVE-2018-5154	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5154	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5155	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://www.cve.org/CVERecord?id=CVE-2018-5155	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5155	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5157	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576258	external
https://www.cve.org/CVERecord?id=CVE-2018-5157	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5157	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5158	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576259	external
https://www.cve.org/CVERecord?id=CVE-2018-5158	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5158	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5159	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://www.cve.org/CVERecord?id=CVE-2018-5159	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5159	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5168	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://www.cve.org/CVERecord?id=CVE-2018-5168	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5168	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5178	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://www.cve.org/CVERecord?id=CVE-2018-5178	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5178	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://www.cve.org/CVERecord?id=CVE-2018-5183	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5183	external
https://www.mozilla.org/en-US/security/advisories…	external

Acknowledgments

the Mozilla project

Christoph Diehl Randell Jesup Tyson Smith Alex Gaynor Ronald Crane Julian Hector Kannan Vijayan Jason Kratzer

Nils

Wladimir Palant

Ivan Fratric

Root Object

Mozilla Developers

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for firefox is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.8.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157)\n\n* Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Wladimir Palant, Ivan Fratric, and Root Object as the original reporters.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1415",
        "url": "https://access.redhat.com/errata/RHSA-2018:1415"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/",
        "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/"
      },
      {
        "category": "external",
        "summary": "1576250",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
      },
      {
        "category": "external",
        "summary": "1576255",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
      },
      {
        "category": "external",
        "summary": "1576257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
      },
      {
        "category": "external",
        "summary": "1576258",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258"
      },
      {
        "category": "external",
        "summary": "1576259",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259"
      },
      {
        "category": "external",
        "summary": "1576260",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
      },
      {
        "category": "external",
        "summary": "1576269",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
      },
      {
        "category": "external",
        "summary": "1576278",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
      },
      {
        "category": "external",
        "summary": "1576283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1415.json"
      }
    ],
    "title": "Red Hat Security Advisory: firefox security update",
    "tracking": {
      "current_release_date": "2024-11-22T11:57:58+00:00",
      "generator": {
        "date": "2024-11-22T11:57:58+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2018:1415",
      "initial_release_date": "2018-05-14T15:19:04+00:00",
      "revision_history": [
        {
          "date": "2018-05-14T15:19:04+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-14T15:19:04+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T11:57:58+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client (v. 7)",
                  "product_id": "7Client-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                  "product_id": "7Client-optional-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
                  "product_id": "7Server-Alt-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                  "product_id": "7Server-optional-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
                  "product_id": "7Server-optional-Alt-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                  "product_id": "7Workstation-optional-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.x86_64",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.x86_64",
                  "product_id": "firefox-0:52.8.0-1.el7_5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.src",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.src",
                  "product_id": "firefox-0:52.8.0-1.el7_5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.i686",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.i686",
                  "product_id": "firefox-0:52.8.0-1.el7_5.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.s390x",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.s390x",
                  "product_id": "firefox-0:52.8.0-1.el7_5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.ppc64",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.ppc64",
                  "product_id": "firefox-0:52.8.0-1.el7_5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.ppc64le",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.ppc64le",
                  "product_id": "firefox-0:52.8.0-1.el7_5.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.aarch64",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.aarch64",
                  "product_id": "firefox-0:52.8.0-1.el7_5.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "firefox-0:52.8.0-1.el7_5.s390",
                "product": {
                  "name": "firefox-0:52.8.0-1.el7_5.s390",
                  "product_id": "firefox-0:52.8.0-1.el7_5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox@52.8.0-1.el7_5?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
                "product": {
                  "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
                  "product_id": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/firefox-debuginfo@52.8.0-1.el7_5?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.i686",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-optional-7.5.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Christoph Diehl",
            "Randell Jesup",
            "Tyson Smith",
            "Alex Gaynor",
            "Ronald Crane",
            "Julian Hector",
            "Kannan Vijayan",
            "Jason Kratzer"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5150",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576250"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576250",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5154",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576255"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and clip paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576255",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and clip paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5155",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576257"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and text paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576257",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and text paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5157",
      "cwe": {
        "id": "CWE-829",
        "name": "Inclusion of Functionality from Untrusted Control Sphere"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576258"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576258",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576258"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5157",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5157"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5158",
      "cwe": {
        "id": "CWE-95",
        "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576259"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576259",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576259"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5158",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5158"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Malicious PDF can inject JavaScript into PDF Viewer"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Ivan Fratric"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5159",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576260"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Integer overflow and out-of-bounds write in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576260",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Integer overflow and out-of-bounds write in Skia"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5168",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576269"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Lightweight themes can be installed without user interaction",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576269",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Lightweight themes can be installed without user interaction"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Root Object"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5178",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576278"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576278",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Mozilla Developers"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5183",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Backport critical security fixes in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
          "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
          "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-14T15:19:04+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
          "product_ids": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1415"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Client-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Client-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Server-optional-Alt-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.src",
            "7Workstation-optional-7.5.Z:firefox-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.i686",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.s390x",
            "7Workstation-optional-7.5.Z:firefox-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Backport critical security fixes in Skia"
    }
  ]
}

RHSA-2018_1725

Vulnerability from csaf_redhat - Published: 2018-05-24 19:31 - Updated: 2024-11-22 11:58

Summary

Red Hat Security Advisory: thunderbird security update

Severity

Important

Notes

CVE-2018-5150

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5154

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5155

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5159

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5161

Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

4.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE-20 - Improper Input Validation

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5162

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5168

6.1 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5170

4.2 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE-20 - Improper Input Validation

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5178

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5183

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5184

Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5185

Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64	—	Vendor Fix fix

Threats

Impact Low

References

75 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:1725	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580236	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580237	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580239	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580240	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580241	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2018-5150	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://www.cve.org/CVERecord?id=CVE-2018-5150	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5150	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5154	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://www.cve.org/CVERecord?id=CVE-2018-5154	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5154	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5155	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://www.cve.org/CVERecord?id=CVE-2018-5155	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5155	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5159	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://www.cve.org/CVERecord?id=CVE-2018-5159	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5159	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5161	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580237	external
https://www.cve.org/CVERecord?id=CVE-2018-5161	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5161	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5162	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580239	external
https://www.cve.org/CVERecord?id=CVE-2018-5162	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5162	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5168	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://www.cve.org/CVERecord?id=CVE-2018-5168	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5168	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5170	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580240	external
https://www.cve.org/CVERecord?id=CVE-2018-5170	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5170	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5178	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://www.cve.org/CVERecord?id=CVE-2018-5178	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5178	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://www.cve.org/CVERecord?id=CVE-2018-5183	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5183	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5184	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580236	external
https://www.cve.org/CVERecord?id=CVE-2018-5184	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5184	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5185	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580241	external
https://www.cve.org/CVERecord?id=CVE-2018-5185	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5185	external
https://www.mozilla.org/en-US/security/advisories…	external

Acknowledgments

the Mozilla project

Christoph Diehl Randell Jesup Tyson Smith Alex Gaynor Ronald Crane Julian Hector Kannan Vijayan Jason Kratzer

Nils

Ivan Fratric

Wladimir Palant

Root Object

Mozilla Developers

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for thunderbird is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as the original reporters.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1725",
        "url": "https://access.redhat.com/errata/RHSA-2018:1725"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1576250",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
      },
      {
        "category": "external",
        "summary": "1576255",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
      },
      {
        "category": "external",
        "summary": "1576257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
      },
      {
        "category": "external",
        "summary": "1576260",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
      },
      {
        "category": "external",
        "summary": "1576269",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
      },
      {
        "category": "external",
        "summary": "1576278",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
      },
      {
        "category": "external",
        "summary": "1576283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
      },
      {
        "category": "external",
        "summary": "1580236",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580236"
      },
      {
        "category": "external",
        "summary": "1580237",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580237"
      },
      {
        "category": "external",
        "summary": "1580239",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580239"
      },
      {
        "category": "external",
        "summary": "1580240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580240"
      },
      {
        "category": "external",
        "summary": "1580241",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580241"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1725.json"
      }
    ],
    "title": "Red Hat Security Advisory: thunderbird security update",
    "tracking": {
      "current_release_date": "2024-11-22T11:58:57+00:00",
      "generator": {
        "date": "2024-11-22T11:58:57+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2018:1725",
      "initial_release_date": "2018-05-24T19:31:49+00:00",
      "revision_history": [
        {
          "date": "2018-05-24T19:31:49+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-24T19:31:49+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T11:58:57+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client (v. 7)",
                  "product_id": "7Client-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                  "product_id": "7Server-optional-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
                  "product_id": "7Server-optional-Alt-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-7.5.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-1.el7_5.x86_64",
                "product": {
                  "name": "thunderbird-0:52.8.0-1.el7_5.x86_64",
                  "product_id": "thunderbird-0:52.8.0-1.el7_5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-1.el7_5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-1.el7_5?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-1.el7_5.src",
                "product": {
                  "name": "thunderbird-0:52.8.0-1.el7_5.src",
                  "product_id": "thunderbird-0:52.8.0-1.el7_5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-1.el7_5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
                "product": {
                  "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
                  "product_id": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-1.el7_5?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-1.el7_5?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-1.el7_5.aarch64",
                "product": {
                  "name": "thunderbird-0:52.8.0-1.el7_5.aarch64",
                  "product_id": "thunderbird-0:52.8.0-1.el7_5.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-1.el7_5?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-1.el7_5?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Client-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Server-optional-Alt-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.src",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
        "relates_to_product_reference": "7Workstation-7.5.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Christoph Diehl",
            "Randell Jesup",
            "Tyson Smith",
            "Alex Gaynor",
            "Ronald Crane",
            "Julian Hector",
            "Kannan Vijayan",
            "Jason Kratzer"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5150",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576250"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576250",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5154",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576255"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and clip paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576255",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and clip paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5155",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576257"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and text paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576257",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and text paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Ivan Fratric"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5159",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576260"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Integer overflow and out-of-bounds write in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576260",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Integer overflow and out-of-bounds write in Skia"
    },
    {
      "cve": "CVE-2018-5161",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580237"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Hang via malformed headers",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580237",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580237"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5161",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5161",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Hang via malformed headers"
    },
    {
      "cve": "CVE-2018-5162",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580239"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Encrypted mail leaks plaintext through src attribute",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580239",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580239"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5162",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5162",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Encrypted mail leaks plaintext through src attribute"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5168",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576269"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Lightweight themes can be installed without user interaction",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576269",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Lightweight themes can be installed without user interaction"
    },
    {
      "cve": "CVE-2018-5170",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580240"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Filename spoofing for external attachments",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580240",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580240"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5170",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5170",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Filename spoofing for external attachments"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Root Object"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5178",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576278"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576278",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Mozilla Developers"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5183",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Backport critical security fixes in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Backport critical security fixes in Skia"
    },
    {
      "cve": "CVE-2018-5184",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580236"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580236",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580236"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5184",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5184",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack"
    },
    {
      "cve": "CVE-2018-5185",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580241"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Leaking plaintext through HTML forms",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
          "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
          "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580241",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580241"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5185",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5185",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:31:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1725"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Client-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Client-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Server-optional-Alt-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Server-optional-Alt-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.src",
            "7Workstation-7.5.Z:thunderbird-0:52.8.0-1.el7_5.x86_64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.aarch64",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.ppc64le",
            "7Workstation-7.5.Z:thunderbird-debuginfo-0:52.8.0-1.el7_5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "Mozilla: Leaking plaintext through HTML forms"
    }
  ]
}

RHSA-2018_1726

Vulnerability from csaf_redhat - Published: 2018-05-24 19:59 - Updated: 2024-11-22 11:59

Summary

Red Hat Security Advisory: thunderbird security update

Severity

Important

Notes

CVE-2018-5150

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5154

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5155

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-416 - Use After Free

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5159

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5161

Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

4.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE-20 - Improper Input Validation

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5162

Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5168

6.1 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-862 - Missing Authorization

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5170

4.2 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

CWE-20 - Improper Input Validation

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5178

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2018-5183

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Critical

CVE-2018-5184

Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2018-5185

Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.

6.5 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x	—	Vendor Fix fix
Unresolved product id: 6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64	—	Vendor Fix fix

Threats

Impact Low

References

75 references

URL	Category
https://access.redhat.com/errata/RHSA-2018:1726	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580236	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580237	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580239	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580240	external
https://bugzilla.redhat.com/show_bug.cgi?id=1580241	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2018-5150	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576250	external
https://www.cve.org/CVERecord?id=CVE-2018-5150	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5150	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5154	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576255	external
https://www.cve.org/CVERecord?id=CVE-2018-5154	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5154	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5155	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576257	external
https://www.cve.org/CVERecord?id=CVE-2018-5155	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5155	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5159	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576260	external
https://www.cve.org/CVERecord?id=CVE-2018-5159	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5159	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5161	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580237	external
https://www.cve.org/CVERecord?id=CVE-2018-5161	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5161	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5162	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580239	external
https://www.cve.org/CVERecord?id=CVE-2018-5162	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5162	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5168	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576269	external
https://www.cve.org/CVERecord?id=CVE-2018-5168	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5168	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5170	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580240	external
https://www.cve.org/CVERecord?id=CVE-2018-5170	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5170	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5178	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576278	external
https://www.cve.org/CVERecord?id=CVE-2018-5178	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5178	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5183	self
https://bugzilla.redhat.com/show_bug.cgi?id=1576283	external
https://www.cve.org/CVERecord?id=CVE-2018-5183	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5183	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5184	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580236	external
https://www.cve.org/CVERecord?id=CVE-2018-5184	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5184	external
https://www.mozilla.org/en-US/security/advisories…	external
https://access.redhat.com/security/cve/CVE-2018-5185	self
https://bugzilla.redhat.com/show_bug.cgi?id=1580241	external
https://www.cve.org/CVERecord?id=CVE-2018-5185	external
https://nvd.nist.gov/vuln/detail/CVE-2018-5185	external
https://www.mozilla.org/en-US/security/advisories…	external

Acknowledgments

the Mozilla project

Christoph Diehl Randell Jesup Tyson Smith Alex Gaynor Ronald Crane Julian Hector Kannan Vijayan Jason Kratzer

Nils

Ivan Fratric

Wladimir Palant

Root Object

Mozilla Developers

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for thunderbird is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 52.8.0.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150)\n\n* Mozilla: Backport critical security fixes in Skia (CVE-2018-5183)\n\n* Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154)\n\n* Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155)\n\n* Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159)\n\n* Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184)\n\n* Mozilla: Hang via malformed headers (CVE-2018-5161)\n\n* Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162)\n\n* Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168)\n\n* Mozilla: Filename spoofing for external attachments (CVE-2018-5170)\n\n* Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)\n\n* Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Mozilla project for reporting CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, and CVE-2018-5183. Upstream acknowledges Christoph Diehl, Randell Jesup, Tyson Smith, Alex Gaynor, Ronald Crane, Julian Hector, Kannan Vijayan, Jason Kratzer, Mozilla Developers, Nils, Ivan Fratric, Wladimir Palant, and Root Object as the original reporters.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1726",
        "url": "https://access.redhat.com/errata/RHSA-2018:1726"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1576250",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
      },
      {
        "category": "external",
        "summary": "1576255",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
      },
      {
        "category": "external",
        "summary": "1576257",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
      },
      {
        "category": "external",
        "summary": "1576260",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
      },
      {
        "category": "external",
        "summary": "1576269",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
      },
      {
        "category": "external",
        "summary": "1576278",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
      },
      {
        "category": "external",
        "summary": "1576283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
      },
      {
        "category": "external",
        "summary": "1580236",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580236"
      },
      {
        "category": "external",
        "summary": "1580237",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580237"
      },
      {
        "category": "external",
        "summary": "1580239",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580239"
      },
      {
        "category": "external",
        "summary": "1580240",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580240"
      },
      {
        "category": "external",
        "summary": "1580241",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580241"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1726.json"
      }
    ],
    "title": "Red Hat Security Advisory: thunderbird security update",
    "tracking": {
      "current_release_date": "2024-11-22T11:59:02+00:00",
      "generator": {
        "date": "2024-11-22T11:59:02+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2018:1726",
      "initial_release_date": "2018-05-24T19:59:01+00:00",
      "revision_history": [
        {
          "date": "2018-05-24T19:59:01+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-24T19:59:01+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T11:59:02+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                  "product_id": "6Client-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                  "product_id": "6Server-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-2.el6_9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-2.el6_9.x86_64",
                "product": {
                  "name": "thunderbird-0:52.8.0-2.el6_9.x86_64",
                  "product_id": "thunderbird-0:52.8.0-2.el6_9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-2.el6_9?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-2.el6_9?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-2.el6_9.i686",
                "product": {
                  "name": "thunderbird-0:52.8.0-2.el6_9.i686",
                  "product_id": "thunderbird-0:52.8.0-2.el6_9.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-2.el6_9?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-2.el6_9.src",
                "product": {
                  "name": "thunderbird-0:52.8.0-2.el6_9.src",
                  "product_id": "thunderbird-0:52.8.0-2.el6_9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-2.el6_9?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-2.el6_9?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-2.el6_9.s390x",
                "product": {
                  "name": "thunderbird-0:52.8.0-2.el6_9.s390x",
                  "product_id": "thunderbird-0:52.8.0-2.el6_9.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-2.el6_9?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
                "product": {
                  "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
                  "product_id": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird-debuginfo@52.8.0-2.el6_9?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "thunderbird-0:52.8.0-2.el6_9.ppc64",
                "product": {
                  "name": "thunderbird-0:52.8.0-2.el6_9.ppc64",
                  "product_id": "thunderbird-0:52.8.0-2.el6_9.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/thunderbird@52.8.0-2.el6_9?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.src",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Client-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.src",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.src",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        },
        "product_reference": "thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
        "relates_to_product_reference": "6Workstation-6.9.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Christoph Diehl",
            "Randell Jesup",
            "Tyson Smith",
            "Alex Gaynor",
            "Ronald Crane",
            "Julian Hector",
            "Kannan Vijayan",
            "Jason Kratzer"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5150",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576250"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576250",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576250"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5150",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5150"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5154",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576255"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and clip paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576255",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576255"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5154",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5154"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and clip paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Nils"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5155",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576257"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Use-after-free with SVG animations and text paths",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576257",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576257"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5155",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5155"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Use-after-free with SVG animations and text paths"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Ivan Fratric"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5159",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576260"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Integer overflow and out-of-bounds write in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576260",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576260"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5159"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Integer overflow and out-of-bounds write in Skia"
    },
    {
      "cve": "CVE-2018-5161",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580237"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Hang via malformed headers",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580237",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580237"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5161",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5161",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5161"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5161"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Hang via malformed headers"
    },
    {
      "cve": "CVE-2018-5162",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580239"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Encrypted mail leaks plaintext through src attribute",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580239",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580239"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5162",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5162",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5162"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Encrypted mail leaks plaintext through src attribute"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Wladimir Palant"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5168",
      "cwe": {
        "id": "CWE-862",
        "name": "Missing Authorization"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576269"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Lightweight themes can be installed without user interaction",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576269",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576269"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5168",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5168"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Lightweight themes can be installed without user interaction"
    },
    {
      "cve": "CVE-2018-5170",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580240"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This could lead to a user opening a remote attachment which is a different file type than expected. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Filename spoofing for external attachments",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580240",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580240"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5170",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5170",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5170"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5170"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Filename spoofing for external attachments"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Root Object"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5178",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576278"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576278",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576278"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5178"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Mozilla project"
          ]
        },
        {
          "names": [
            "Mozilla Developers"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2018-5183",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2018-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1576283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Backport critical security fixes in Skia",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "RHBZ#1576283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-12/#CVE-2018-5183"
        }
      ],
      "release_date": "2018-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "Mozilla: Backport critical security fixes in Skia"
    },
    {
      "cve": "CVE-2018-5184",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580236"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580236",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580236"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5184",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5184",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5184"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack"
    },
    {
      "cve": "CVE-2018-5185",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1580241"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability affects Thunderbird ESR \u003c 52.8 and Thunderbird \u003c 52.8.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Mozilla: Leaking plaintext through HTML forms",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
          "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
          "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "RHBZ#1580241",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1580241"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-5185",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5185",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5185"
        },
        {
          "category": "external",
          "summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185",
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185"
        }
      ],
      "release_date": "2018-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-24T19:59:01+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
          "product_ids": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1726"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Client-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Client-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Server-optional-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Server-optional-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.src",
            "6Workstation-6.9.z:thunderbird-0:52.8.0-2.el6_9.x86_64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.i686",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.ppc64",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.s390x",
            "6Workstation-6.9.z:thunderbird-debuginfo-0:52.8.0-2.el6_9.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "Mozilla: Leaking plaintext through HTML forms"
    }
  ]
}

SUSE-SU-2018:1319-1

Vulnerability from csaf_suse - Published: 2018-05-16 19:36 - Updated: 2018-05-16 19:36

Summary

Security update for MozillaFirefox

Severity

Important

Notes

Title of the patch: Security update for MozillaFirefox

Description of the patch: This update for MozillaFirefox to ESR 52.8 release fixes the following issues: Update to Firefox ESR 52.8 (bsc#1092548) Security issues fixed: - MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia - MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer - MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction - MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 - MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths - MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia - MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files - MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths - MFSA 2018-12/CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension

Patchnames: sdksp4-MozillaFirefox-13605,sleposp3-MozillaFirefox-13605,slessp3-MozillaFirefox-13605,slessp4-MozillaFirefox-13605

CVE-2018-5150

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 39 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5154

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 39 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5155

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 39 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5157

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 39 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5158

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 39 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5159

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 39 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5168

5.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 39 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5174

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 39 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5178

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 39 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5183

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 39 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64	—	Vendor Fix

Threats

Impact important

References

95 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1092548	self
https://www.suse.com/security/cve/CVE-2018-5150/	self
https://www.suse.com/security/cve/CVE-2018-5154/	self
https://www.suse.com/security/cve/CVE-2018-5155/	self
https://www.suse.com/security/cve/CVE-2018-5157/	self
https://www.suse.com/security/cve/CVE-2018-5158/	self
https://www.suse.com/security/cve/CVE-2018-5159/	self
https://www.suse.com/security/cve/CVE-2018-5168/	self
https://www.suse.com/security/cve/CVE-2018-5174/	self
https://www.suse.com/security/cve/CVE-2018-5178/	self
https://www.suse.com/security/cve/CVE-2018-5183/	self
https://www.suse.com/security/cve/CVE-2018-5150	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5154	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5155	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5157	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5158	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5159	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5168	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5174	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5178	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5183	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for MozillaFirefox",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for MozillaFirefox to ESR 52.8 release fixes the following issues:\n\nUpdate to Firefox ESR 52.8 (bsc#1092548)\n\nSecurity issues fixed:\n\n- MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia\n- MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer\n- MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction\n- MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n- MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths\n- MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia\n- MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files\n- MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths\n- MFSA 2018-12/CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "sdksp4-MozillaFirefox-13605,sleposp3-MozillaFirefox-13605,slessp3-MozillaFirefox-13605,slessp4-MozillaFirefox-13605",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1319-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2018:1319-1",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181319-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2018:1319-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/004056.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1092548",
        "url": "https://bugzilla.suse.com/1092548"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5150 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5150/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5154 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5154/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5155 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5155/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5157 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5157/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5158 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5158/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5159 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5159/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5168 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5168/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5174 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5174/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5178 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5178/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5183 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5183/"
      }
    ],
    "title": "Security update for MozillaFirefox",
    "tracking": {
      "current_release_date": "2018-05-16T19:36:01Z",
      "generator": {
        "date": "2018-05-16T19:36:01Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2018:1319-1",
      "initial_release_date": "2018-05-16T19:36:01Z",
      "revision_history": [
        {
          "date": "2018-05-16T19:36:01Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
                "product": {
                  "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
                  "product_id": "MozillaFirefox-devel-52.8.0esr-72.32.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-52.8.0esr-72.32.1.i586",
                "product": {
                  "name": "MozillaFirefox-52.8.0esr-72.32.1.i586",
                  "product_id": "MozillaFirefox-52.8.0esr-72.32.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
                "product": {
                  "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
                  "product_id": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
                "product": {
                  "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
                  "product_id": "MozillaFirefox-devel-52.8.0esr-72.32.1.ia64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-52.8.0esr-72.32.1.ia64",
                "product": {
                  "name": "MozillaFirefox-52.8.0esr-72.32.1.ia64",
                  "product_id": "MozillaFirefox-52.8.0esr-72.32.1.ia64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
                "product": {
                  "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
                  "product_id": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64"
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
                "product": {
                  "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
                  "product_id": "MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-52.8.0esr-72.32.1.ppc64",
                "product": {
                  "name": "MozillaFirefox-52.8.0esr-72.32.1.ppc64",
                  "product_id": "MozillaFirefox-52.8.0esr-72.32.1.ppc64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
                "product": {
                  "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
                  "product_id": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
                "product": {
                  "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
                  "product_id": "MozillaFirefox-devel-52.8.0esr-72.32.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x",
                "product": {
                  "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x",
                  "product_id": "MozillaFirefox-52.8.0esr-72.32.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
                "product": {
                  "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
                  "product_id": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64",
                  "product_id": "MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64",
                  "product_id": "MozillaFirefox-52.8.0esr-72.32.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
                  "product_id": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:suse:sle-sdk:11:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Point of Sale 11 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Point of Sale 11 SP3",
                  "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-pos:11:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse_sles_ltss:11:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
                  "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:11:sp3:teradata"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP4",
                  "product_id": "SUSE Linux Enterprise Server 11 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse_sles:11:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:11:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
          "product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
          "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
          "product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
          "product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
          "product_id": "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-72.32.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-5150",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5150"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5150",
          "url": "https://www.suse.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-16T19:36:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5150"
    },
    {
      "cve": "CVE-2018-5154",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5154"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5154",
          "url": "https://www.suse.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-16T19:36:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5154"
    },
    {
      "cve": "CVE-2018-5155",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5155"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5155",
          "url": "https://www.suse.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-16T19:36:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5155"
    },
    {
      "cve": "CVE-2018-5157",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5157"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5157",
          "url": "https://www.suse.com/security/cve/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-16T19:36:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5157"
    },
    {
      "cve": "CVE-2018-5158",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5158"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5158",
          "url": "https://www.suse.com/security/cve/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-16T19:36:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5158"
    },
    {
      "cve": "CVE-2018-5159",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5159"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5159",
          "url": "https://www.suse.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-16T19:36:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5159"
    },
    {
      "cve": "CVE-2018-5168",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5168"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5168",
          "url": "https://www.suse.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-16T19:36:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5168"
    },
    {
      "cve": "CVE-2018-5174",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5174"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the \"SEE_MASK_FLAG_NO_UI\" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won\u0027t prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5174",
          "url": "https://www.suse.com/security/cve/CVE-2018-5174"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-16T19:36:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5174"
    },
    {
      "cve": "CVE-2018-5178",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5178"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5178",
          "url": "https://www.suse.com/security/cve/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-16T19:36:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5178"
    },
    {
      "cve": "CVE-2018-5183",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5183"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5183",
          "url": "https://www.suse.com/security/cve/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Point of Sale 11 SP3:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-LTSS:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP3-TERADATA:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 11 SP4:MozillaFirefox-translations-52.8.0esr-72.32.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.i586",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ia64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.ppc64",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-52.8.0esr-72.32.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-16T19:36:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5183"
    }
  ]
}

SUSE-SU-2018:1334-1

Vulnerability from csaf_suse - Published: 2018-05-18 06:05 - Updated: 2018-05-18 06:05

Summary

Security update for MozillaFirefox

Severity

Important

Notes

Title of the patch: Security update for MozillaFirefox

Description of the patch: This update for MozillaFirefox to the ESR 52.8 release fixes the following issues: Mozil to Firefox ESR 52.8 (bsc#1092548) Security issues fixed: - MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia - MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer - MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction - MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 - MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths - MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia - MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files - MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths - MFSA 2018-12/CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension

Patchnames: SUSE-OpenStack-Cloud-7-2018-943,SUSE-SLE-DESKTOP-12-SP3-2018-943,SUSE-SLE-SAP-12-SP1-2018-943,SUSE-SLE-SAP-12-SP2-2018-943,SUSE-SLE-SDK-12-SP3-2018-943,SUSE-SLE-SERVER-12-2018-943,SUSE-SLE-SERVER-12-SP1-2018-943,SUSE-SLE-SERVER-12-SP2-2018-943,SUSE-SLE-SERVER-12-SP3-2018-943,SUSE-Storage-4-2018-943

CVE-2018-5150

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 70 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5154

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 70 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5155

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 70 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5157

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 70 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5158

8.8 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 70 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5159

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 70 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5168

5.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 70 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5174

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 70 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5178

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 70 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2018-5183

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 70 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x	—	Vendor Fix
Unresolved product id: SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64	—	Vendor Fix

Threats

Impact important

References

95 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1092548	self
https://www.suse.com/security/cve/CVE-2018-5150/	self
https://www.suse.com/security/cve/CVE-2018-5154/	self
https://www.suse.com/security/cve/CVE-2018-5155/	self
https://www.suse.com/security/cve/CVE-2018-5157/	self
https://www.suse.com/security/cve/CVE-2018-5158/	self
https://www.suse.com/security/cve/CVE-2018-5159/	self
https://www.suse.com/security/cve/CVE-2018-5168/	self
https://www.suse.com/security/cve/CVE-2018-5174/	self
https://www.suse.com/security/cve/CVE-2018-5178/	self
https://www.suse.com/security/cve/CVE-2018-5183/	self
https://www.suse.com/security/cve/CVE-2018-5150	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5154	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5155	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5157	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5158	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5159	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5168	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5174	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5178	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external
https://www.suse.com/security/cve/CVE-2018-5183	external
https://bugzilla.suse.com/1092548	external
https://bugzilla.suse.com/1092611	external
https://bugzilla.suse.com/1093969	external
https://bugzilla.suse.com/1093970	external
https://bugzilla.suse.com/1093971	external
https://bugzilla.suse.com/1093972	external
https://bugzilla.suse.com/1093973	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for MozillaFirefox",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for MozillaFirefox to the ESR 52.8 release fixes the following issues:\n\nMozil to Firefox ESR 52.8 (bsc#1092548)\n\nSecurity issues fixed:\n\n- MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia\n- MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer\n- MFSA 2018-12/CVE-2018-5168: Lightweight themes can be installed without user interaction\n- MFSA 2018-12/CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8\n- MFSA 2018-12/CVE-2018-5155: Use-after-free with SVG animations and text paths\n- MFSA 2018-12/CVE-2018-5183: Backport critical security fixes in Skia\n- MFSA 2018-12/CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files\n- MFSA 2018-12/CVE-2018-5154: Use-after-free with SVG animations and clip paths\n- MFSA 2018-12/CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-OpenStack-Cloud-7-2018-943,SUSE-SLE-DESKTOP-12-SP3-2018-943,SUSE-SLE-SAP-12-SP1-2018-943,SUSE-SLE-SAP-12-SP2-2018-943,SUSE-SLE-SDK-12-SP3-2018-943,SUSE-SLE-SERVER-12-2018-943,SUSE-SLE-SERVER-12-SP1-2018-943,SUSE-SLE-SERVER-12-SP2-2018-943,SUSE-SLE-SERVER-12-SP3-2018-943,SUSE-Storage-4-2018-943",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1334-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2018:1334-1",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181334-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2018:1334-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/004065.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1092548",
        "url": "https://bugzilla.suse.com/1092548"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5150 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5150/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5154 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5154/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5155 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5155/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5157 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5157/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5158 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5158/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5159 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5159/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5168 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5168/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5174 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5174/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5178 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5178/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-5183 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-5183/"
      }
    ],
    "title": "Security update for MozillaFirefox",
    "tracking": {
      "current_release_date": "2018-05-18T06:05:06Z",
      "generator": {
        "date": "2018-05-18T06:05:06Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2018:1334-1",
      "initial_release_date": "2018-05-18T06:05:06Z",
      "revision_history": [
        {
          "date": "2018-05-18T06:05:06Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
                "product": {
                  "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
                  "product_id": "MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-52.8.0esr-109.31.2.aarch64",
                "product": {
                  "name": "MozillaFirefox-52.8.0esr-109.31.2.aarch64",
                  "product_id": "MozillaFirefox-52.8.0esr-109.31.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
                "product": {
                  "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
                  "product_id": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
                "product": {
                  "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
                  "product_id": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
                "product": {
                  "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
                  "product_id": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
                "product": {
                  "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
                  "product_id": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x",
                "product": {
                  "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x",
                  "product_id": "MozillaFirefox-52.8.0esr-109.31.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
                "product": {
                  "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
                  "product_id": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
                "product": {
                  "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
                  "product_id": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
                "product": {
                  "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
                  "product_id": "MozillaFirefox-52.8.0esr-109.31.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
                "product": {
                  "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
                  "product_id": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
                "product": {
                  "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
                  "product_id": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE OpenStack Cloud 7",
                "product": {
                  "name": "SUSE OpenStack Cloud 7",
                  "product_id": "SUSE OpenStack Cloud 7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-openstack-cloud:7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Desktop 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Desktop 12 SP3",
                  "product_id": "SUSE Linux Enterprise Desktop 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sled:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP3",
                  "product_id": "SUSE Linux Enterprise Server 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 4",
                "product": {
                  "name": "SUSE Enterprise Storage 4",
                  "product_id": "SUSE Enterprise Storage 4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE OpenStack Cloud 7",
          "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE OpenStack Cloud 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE OpenStack Cloud 7",
          "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x as component of SUSE OpenStack Cloud 7",
          "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE OpenStack Cloud 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE OpenStack Cloud 7",
          "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE OpenStack Cloud 7",
          "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE OpenStack Cloud 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE OpenStack Cloud 7",
          "product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE OpenStack Cloud 7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
          "product_id": "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
          "product_id": "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
          "product_id": "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-52.8.0esr-109.31.2.x86_64 as component of SUSE Enterprise Storage 4",
          "product_id": "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64 as component of SUSE Enterprise Storage 4",
          "product_id": "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64 as component of SUSE Enterprise Storage 4",
          "product_id": "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-5150",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5150"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5150",
          "url": "https://www.suse.com/security/cve/CVE-2018-5150"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5150",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-18T06:05:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5150"
    },
    {
      "cve": "CVE-2018-5154",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5154"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur while enumerating attributes during SVG animations with clip paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5154",
          "url": "https://www.suse.com/security/cve/CVE-2018-5154"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5154",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-18T06:05:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5154"
    },
    {
      "cve": "CVE-2018-5155",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5155"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5155",
          "url": "https://www.suse.com/security/cve/CVE-2018-5155"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5155",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-18T06:05:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5155"
    },
    {
      "cve": "CVE-2018-5157",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5157"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5157",
          "url": "https://www.suse.com/security/cve/CVE-2018-5157"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5157",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-18T06:05:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5157"
    },
    {
      "cve": "CVE-2018-5158",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5158"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR \u003c 52.8 and Firefox \u003c 60.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5158",
          "url": "https://www.suse.com/security/cve/CVE-2018-5158"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5158",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-18T06:05:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5158"
    },
    {
      "cve": "CVE-2018-5159",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5159"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5159",
          "url": "https://www.suse.com/security/cve/CVE-2018-5159"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5159",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-18T06:05:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5159"
    },
    {
      "cve": "CVE-2018-5168",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5168"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Sites can bypass security checks on permissions to install lightweight themes by manipulating the \"baseURI\" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5168",
          "url": "https://www.suse.com/security/cve/CVE-2018-5168"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5168",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-18T06:05:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5168"
    },
    {
      "cve": "CVE-2018-5174",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5174"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the \"SEE_MASK_FLAG_NO_UI\" flag associated with downloaded files and will not show any UI. Files that are unknown and potentially dangerous will be allowed to run because SmartScreen will not prompt the user for a decision, and if the user is offline all files will be allowed to be opened because Windows won\u0027t prompt the user to ask what to do. Firefox incorrectly sets this flag when downloading files, leading to less secure behavior from SmartScreen. Note: this issue only affects Windows 10 users running the April 2018 update or later. It does not affect other Windows users or other operating systems. This vulnerability affects Thunderbird \u003c 52.8, Thunderbird ESR \u003c 52.8, Firefox \u003c 60, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5174",
          "url": "https://www.suse.com/security/cve/CVE-2018-5174"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5174",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-18T06:05:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5174"
    },
    {
      "cve": "CVE-2018-5178",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5178"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5178",
          "url": "https://www.suse.com/security/cve/CVE-2018-5178"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5178",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-18T06:05:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5178"
    },
    {
      "cve": "CVE-2018-5183",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-5183"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Mozilla developers backported selected changes in the Skia library. These changes correct memory corruption issues including invalid buffer reads and writes during graphic operations. This vulnerability affects Thunderbird ESR \u003c 52.8, Thunderbird \u003c 52.8, and Firefox ESR \u003c 52.8.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
          "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-5183",
          "url": "https://www.suse.com/security/cve/CVE-2018-5183"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092548 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1092548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1092611 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1092611"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093969 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1093969"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093970 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1093970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093971 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1093971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093972 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1093972"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1093973 for CVE-2018-5183",
          "url": "https://bugzilla.suse.com/1093973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Enterprise Storage 4:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Enterprise Storage 4:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Desktop 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP3:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-devel-52.8.0esr-109.31.2.x86_64",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.s390x",
            "SUSE OpenStack Cloud 7:MozillaFirefox-translations-52.8.0esr-109.31.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-05-18T06:05:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2018-5183"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-5178 (GCVE-0-2018-5178)

Tags

Sightings

Nomenclature