CVE-2018-5179

Опубликовано: 16 окт. 2018

Источник: redhat

CVSS3: 4.3

EPSS Низкий

Описание

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=1640114chromium-browser: Lack of limits on update() in ServiceWorker

EPSS

Процентиль: 62%

0.00432

Низкий

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2018-5179

CVSS3: 7.5

ubuntu

почти 7 лет назад

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.

CVE-2018-5179

CVSS3: 7.5

nvd

почти 7 лет назад

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.

CVE-2018-5179

CVSS3: 7.5

debian

почти 7 лет назад

A service worker can send the activate event on itself periodically wh ...

GHSA-8j5m-6wvx-8fqm

CVSS3: 7.5

github

больше 3 лет назад

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.

BDU:2019-04383

CVSS3: 7.5

fstec

почти 8 лет назад

Уязвимость скрипта ServiceWorker браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 62%

0.00432

Низкий

4.3 Medium

CVSS3