VDB

CVE-2018-18501

CVE-2018-18501 PUBLISHED

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.

EPSS 5.49% · 90.4th percentile

Risk Scores

EPSS Score
5.49%
90.4th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSmozjs38*, 0, *
Ubuntu:16.04:LTSthunderbird1:38.5.1+build2-0ubuntu1, *, 1:38.7.2+build1-0ubuntu0.16.04.1
Ubuntu:14.04:LTSfirefox61.0.1+build1-0ubuntu0.14.04.1, 58.0+build6-0ubuntu0.14.04.1, 58.0.1+build1-0ubuntu0.14.04.1
Ubuntu:18.04:LTSfirefox*, 64.0+build3-0ubuntu0.18.04.1, 62.0.3+build1-0ubuntu0.18.04.1
Ubuntu:18.04:LTSmozjs5252.3.1-0ubuntu3, 52.8.1-0ubuntu0.18.04.1, 52.3.1-7fakesync1
Ubuntu:14.04:LTSthunderbird1:52.3.0+build1-0ubuntu0.14.04.1, 1:24.0+build1-0ubuntu1, 1:24.0+build1-0ubuntu2
Ubuntu:20.04:LTSmozjs5252.9.1-1ubuntu3, 52.9.1-1build1, 0
Ubuntu:18.04:LTSthunderbird1:52.4.0+build1-0ubuntu2, 1:52.6.0+build1-0ubuntu1, *
Ubuntu:16.04:LTSfirefox57.0+build4-0ubuntu0.16.04.6, 57.0.1+build2-0ubuntu0.16.04.1, 57.0.3+build1-0ubuntu0.16.04.1

Timeline

  • Jan 30, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 22, 2021 EPSS Score
  • Oct 25, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 2, 2022 EPSS Score
  • Nov 5, 2022 EPSS Score
  • Jan 7, 2023 EPSS Score
  • Mar 10, 2023 EPSS Score
  • May 12, 2023 EPSS Score
  • Jul 13, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›