Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-5094

Опубликовано: 11 июн. 2018
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 5
CVSS3: 7.5

Описание

A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58.

РелизСтатусПримечание
artful

released

58.0+build6-0ubuntu0.17.10.1
bionic

released

59.0.1+build1-0ubuntu1
cosmic

released

59.0.1+build1-0ubuntu1
devel

released

59.0.1+build1-0ubuntu1
disco

released

59.0.1+build1-0ubuntu1
eoan

released

59.0.1+build1-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [58.0+build6-0ubuntu0.14.04.1]]
esm-infra/focal

DNE

focal

released

59.0.1+build1-0ubuntu1
groovy

released

59.0.1+build1-0ubuntu1

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was needs-triage
cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/bionic

ignored

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was deferred
cosmic

ignored

end of life
devel

DNE

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/focal

not-affected

code not present
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

code not present
focal

ignored

end of standard support, was deferred

Показывать по

Ссылки на источники

EPSS

Процентиль: 97%
0.3543
Средний

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-5094

CVSS3: 7.5
nvd
больше 7 лет назад

A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58.

debian логотип

CVE-2018-5094

CVSS3: 7.5
debian
больше 7 лет назад

A heap buffer overflow vulnerability may occur in WebAssembly when "sh ...

github логотип

GHSA-63jx-r2g4-24w2

CVSS3: 7.5
github
больше 3 лет назад

A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized. This results in a potentially exploitable crash. This vulnerability affects Firefox < 58.

fstec логотип

BDU:2018-00878

CVSS3: 7.5
fstec
около 8 лет назад

Уязвимость компонента WebAssembly браузера Mozilla Firefox, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 97%
0.3543
Средний

5 Medium

CVSS2

7.5 High

CVSS3