[SUSE-SU-2018:3749-3] Security update for MozillaFirefox
Severity
Important
CVEs
7
Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues:
Security issues fixed:
- Update to Mozilla Firefox 60.3.0esr: MFSA 2018-27 (bsc#1112852)
- CVE-2018-12392: Crash with nested event loops.
- CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript.
- CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting.
- CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts.
- CVE-2018-12397: WebExtension local file access vulnerability.
- CVE-2018-12389: Memory safety bugs fixed in Firefox ESR 60.3.
- CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3.
- ID
- SUSE-SU-2018:3749-3
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2018/suse-su-20183749-3/
- Published
-
2019-04-27T16:09:30
(5 years ago) - Modified
-
2019-04-27T16:09:30
(5 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS2-2019-1157
- ASA-201810-14
- ASA-201811-10
- DSA-4324-1
- DSA-4337-1
- ELSA-2018-3005
- ELSA-2018-3006
- ELSA-2018-3531
- ELSA-2018-3532
- FREEBSD:7C3A02B9-3273-4426-A0BA-F90FAD2FF72E
- GLSA-201811-04
- GLSA-201811-13
- MFSA-2018-26
- MFSA-2018-27
- MFSA-2018-28
- openSUSE-SU-2018:3687-1
- RHSA-2018:3005
- RHSA-2018:3006
- RHSA-2018:3531
- RHSA-2018:3532
- SUSE-SU-2018:3656-1
- SUSE-SU-2018:3749-1
- SUSE-SU-2018:3749-2
- SUSE-SU-2018:3769-1
- USN-3801-1
- USN-3868-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |