FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
7c3a02b9-3273-4426-a0ba-f90fad2ff72emozilla -- multiple vulnerabilities

Mozilla Foundation reports:

CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin

CVE-2018-12392: Crash with nested event loops

CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript

CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting

CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts

CVE-2018-12397:

CVE-2018-12398: CSP bypass through stylesheet injection in resource URIs

CVE-2018-12399: Spoofing of protocol registration notification bar

CVE-2018-12400: Favicons are cached in private browsing mode on Firefox for Android

CVE-2018-12401: DOS attack through special resource URI parsing

CVE-2018-12402: SameSite cookies leak when pages are explicitly saved

CVE-2018-12403: Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP

CVE-2018-12388: Memory safety bugs fixed in Firefox 63

CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3


Discovery 2018-10-23
Entry 2018-10-23
Modified 2019-07-23
firefox
< 63.0_1,1

waterfox
< 56.2.5

seamonkey
linux-seamonkey
< 2.53.0

firefox-esr
< 60.3.0,1

linux-firefox
< 60.3.0,2

libxul
thunderbird
linux-thunderbird
< 60.3.0

CVE-2018-12388
CVE-2018-12390
CVE-2018-12391
CVE-2018-12392
CVE-2018-12393
CVE-2018-12395
CVE-2018-12396
CVE-2018-12397
CVE-2018-12398
CVE-2018-12399
CVE-2018-12400
CVE-2018-12401
CVE-2018-12402
CVE-2018-12403
https://www.mozilla.org/en-US/security/advisories/mfsa2018-26/
https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/