Уязвимость в библиотеке libtremor, используемой Firefox на платформах Android и ARM (аналогичная CVE-2018-5146)
Описание
Библиотека libtremor имеет ту же уязвимость, что и CVE-2018-5146. Эта библиотека используется Firefox вместо libvorbis на платформах Android и ARM.
Затронутые версии ПО
- Firefox ESR до версии 52.7.2
- Firefox до версии 59.0.1
Тип уязвимости
Повреждение памяти
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Issue TrackingPermissions Required
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Issue TrackingPermissions Required
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.
The libtremor library has the same flaw as CVE-2018-5146. This library ...
The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR < 52.7.2 and Firefox < 59.0.1.
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2