Описание
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 62.0.3+build1-0ubuntu0.18.04.1 |
| cosmic | released | 62.0.3+build1-0ubuntu1 |
| devel | released | 62.0.3+build1-0ubuntu1 |
| disco | released | 62.0.3+build1-0ubuntu1 |
| eoan | released | 62.0.3+build1-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [62.0.3+build1-0ubuntu0.14.04.2]] |
| esm-infra/focal | DNE | |
| focal | released | 62.0.3+build1-0ubuntu1 |
| groovy | released | 62.0.3+build1-0ubuntu1 |
| hirsute | released | 62.0.3+build1-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/bionic | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | DNE | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/focal | ignored | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | ignored | |
| focal | ignored | |
| groovy | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:60.4.0+build2-0ubuntu0.18.04.1 |
| cosmic | released | 1:60.4.0+build2-0ubuntu0.18.10.1 |
| devel | released | 1:60.4.0+build2-0ubuntu1 |
| disco | released | 1:60.4.0+build2-0ubuntu1 |
| eoan | released | 1:60.4.0+build2-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
| esm-infra/focal | DNE | |
| focal | released | 1:60.4.0+build2-0ubuntu1 |
| groovy | released | 1:60.4.0+build2-0ubuntu1 |
| hirsute | released | 1:60.4.0+build2-0ubuntu1 |
Показывать по
EPSS
5.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
A vulnerability in register allocation in JavaScript can lead to type ...
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR < 60.2.2 and Firefox < 62.0.3.
Уязвимость веб-браузеров Firefox, Firefox ESR, связанная с ошибками преобразования типов данных, позволяющая нарушителю выполнить произвольный код
EPSS
5.8 Medium
CVSS2
8.1 High
CVSS3