Описание
If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox < 60.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| firefox | fixed | 60.0-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5153
EPSS
Связанные уязвимости
If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox < 60.
If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox < 60.
If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox < 60.
If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupted. This can result in an out-of-bounds read with the read memory sent to the originating server in response. This vulnerability affects Firefox < 60.
Уязвимость компонента WebSocket браузера Firefox, позволяющая нарушителю раскрыть защищаемую информацию
EPSS