[SUSE-SU-2018:3749-3] Security update for MozillaFirefox
Severity
Important
CVEs
7
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
Security issues fixed:
- Update to Mozilla Firefox 60.3.0esr: MFSA 2018-27 (bsc#1112852)
- CVE-2018-12392: Crash with nested event loops.
- CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript.
- CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting.
- CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts.
- CVE-2018-12397: WebExtension local file access vulnerability.
- CVE-2018-12389: Memory safety bugs fixed in Firefox ESR 60.3.
- CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3.
- ID
- SUSE-SU-2018:3749-3
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2018/suse-su-20183749-3/
- Published
-
2019-04-27T16:09:30
(5 years ago) - Modified
-
2019-04-27T16:09:30
(5 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS2-2019-1157
-
ASA-201810-14
-
ASA-201811-10
-
DSA-4324-1
-
DSA-4337-1
-
ELSA-2018-3005
-
ELSA-2018-3006
-
ELSA-2018-3531
-
ELSA-2018-3532
-
FREEBSD:7C3A02B9-3273-4426-A0BA-F90FAD2FF72E
-
GLSA-201811-04
-
GLSA-201811-13
-
MFSA-2018-26
-
MFSA-2018-27
-
MFSA-2018-28
-
openSUSE-SU-2018:3687-1
-
RHSA-2018:3005
-
RHSA-2018:3006
-
RHSA-2018:3531
-
RHSA-2018:3532
-
SUSE-SU-2018:3656-1
-
SUSE-SU-2018:3749-1
-
SUSE-SU-2018:3749-2
-
SUSE-SU-2018:3769-1
-
USN-3801-1
-
USN-3868-1
-
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |