Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-12371

Опубликовано: 09 июл. 2020
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.8

Описание

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61.

РелизСтатусПримечание
artful

released

61.0+build3-0ubuntu0.17.10.1
bionic

released

61.0+build3-0ubuntu0.18.04.1
devel

released

61.0.1+build1-0ubuntu0.18.04.1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [61.0+build3-0ubuntu0.14.04.2]]
precise/esm

DNE

trusty

released

61.0+build3-0ubuntu0.14.04.2
trusty/esm

DNE

trusty was released [61.0+build3-0ubuntu0.14.04.2]
upstream

released

61.0
xenial

released

61.0+build3-0ubuntu0.16.04.2

Показывать по

Ссылки на источники

EPSS

Процентиль: 65%
0.00495
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-12371

CVSS3: 8.8
redhat
больше 7 лет назад

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61.

nvd логотип

CVE-2018-12371

CVSS3: 8.8
nvd
больше 5 лет назад

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61.

debian логотип

CVE-2018-12371

CVSS3: 8.8
debian
больше 5 лет назад

An integer overflow vulnerability in the Skia library when allocating ...

github логотип

GHSA-jvm4-fpvm-vr72

CVSS3: 8.8
github
больше 3 лет назад

An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 16 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR < 60.1, Thunderbird < 60, and Firefox < 61.

fstec логотип

BDU:2019-03471

CVSS3: 6.1
fstec
больше 7 лет назад

Уязвимость библиотеки Skia браузеров Firefox и Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 65%
0.00495
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3