FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 06:42:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
39bc2294-ff32-4972-9ecb-b9f40b4ccb74	Mozilla -- multiple vulnerabilities Mozilla Foundation reports: CVE-2019-11708: sandbox escape using Prompt:Open Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer. Discovery 2019-06-20 Entry 2019-06-21 Modified 2019-07-09 firefox < 67.0.4,1 waterfox < 56.2.12 firefox-esr < 60.7.2,1 https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/ CVE-2019-11708

VuXML ID

Description

39bc2294-ff32-4972-9ecb-b9f40b4ccb74

Mozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2019-11708: sandbox escape using Prompt:Open

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user's computer.

Discovery 2019-06-20
Entry 2019-06-21
Modified 2019-07-09
firefox

< 67.0.4,1

waterfox

< 56.2.12

firefox-esr

< 60.7.2,1

https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/
CVE-2019-11708