Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-7843

Опубликовано: 11 июн. 2018
Источник: ubuntu
Приоритет: medium
CVSS2: 5
CVSS3: 7.5

Описание

When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox ESR < 52.5.2 and Firefox < 57.0.1.

РелизСтатусПримечание
artful

released

57.0.1+build2-0ubuntu0.17.10.1
bionic

released

57.0.1+build2-0ubuntu1
devel

released

57.0.1+build2-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [57.0.1+build2-0ubuntu0.14.04.1]]
precise/esm

DNE

trusty

released

57.0.1+build2-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [57.0.1+build2-0ubuntu0.14.04.1]
upstream

released

57.0.1
xenial

released

57.0.1+build2-0ubuntu0.16.04.1
zesty

released

57.0.1+build2-0ubuntu0.17.04.1

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-7843

CVSS3: 7.5
redhat
почти 8 лет назад

When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox ESR < 52.5.2 and Firefox < 57.0.1.

nvd логотип

CVE-2017-7843

CVSS3: 7.5
nvd
больше 7 лет назад

When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox ESR < 52.5.2 and Firefox < 57.0.1.

debian логотип

CVE-2017-7843

CVSS3: 7.5
debian
больше 7 лет назад

When Private Browsing mode is used, it is possible for a web worker to ...

suse-cvrf логотип

openSUSE-SU-2017:3272-1

suse-cvrf
почти 8 лет назад

Security update for MozillaFirefox

github логотип

GHSA-rpf5-xpfp-546f

CVSS3: 7.5
github
больше 3 лет назад

When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. IndexedDB should not be available in Private Browsing mode and this stored data will persist across multiple private browsing mode sessions because it is not cleared when exiting. This vulnerability affects Firefox ESR < 52.5.2 and Firefox < 57.0.1.

5 Medium

CVSS2

7.5 High

CVSS3