RHSA-2018:3005CriticalCVSS 9.8
Red Hat Security Advisory: firefox security and bug fix update
🔗 CVE IDs covered (7)
📋 Description
CVE-2018-12389 — Mozilla: Memory safety bugs fixed in Firefox ESR 60.3 CVE-2018-12390 — Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 CVE-2018-12392 — Mozilla: Crash with nested event loops CVE-2018-12393 — Mozilla: Integer overflow during Unicode conversion while loading JavaScript CVE-2018-12395 — Mozilla: WebExtension bypass of domain restrictions through header rewriting CVE-2018-12396 — Mozilla: WebExtension content scripts can execute in disallowed contexts CVE-2018-12397 — Mozilla: WebExtension local file permission check bypass
🔗 References (12)
- selfhttps://access.redhat.com/errata/RHSA-2018:3005
- externalhttps://access.redhat.com/security/updates/classification/#critical
- externalhttps://www.mozilla.org/en-US/security/advisories/mfsa2018-27/
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1638082
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1642179
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1642180
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1642182
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1642183
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1642185
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1642186
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1642187
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_3005.json