Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-18495

Опубликовано: 28 фев. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.

РелизСтатусПримечание
bionic

released

64.0+build3-0ubuntu0.18.04.1
cosmic

released

64.0+build3-0ubuntu0.18.10.1
devel

released

64.0+build3-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [64.0+build3-0ubuntu0.14.04.1]]
precise/esm

DNE

trusty

released

64.0+build3-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [64.0+build3-0ubuntu0.14.04.1]
upstream

released

64.0
xenial

released

64.0+build3-0ubuntu0.16.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 55%
0.00328
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-18495

CVSS3: 6.5
redhat
около 7 лет назад

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.

nvd логотип

CVE-2018-18495

CVSS3: 6.5
nvd
почти 7 лет назад

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.

debian логотип

CVE-2018-18495

CVSS3: 6.5
debian
почти 7 лет назад

WebExtension content scripts can be loaded into about: pages in some c ...

github логотип

GHSA-c244-84j9-388q

CVSS3: 6.5
github
больше 3 лет назад

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.

fstec логотип

BDU:2020-00784

CVSS3: 6.5
fstec
почти 7 лет назад

Уязвимость компонента WebExtension браузера Firefox, позволяющая нарушителю получить доступ к конфиденциальным данным

EPSS

Процентиль: 55%
0.00328
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3