CVE-2018-5179

Опубликовано: 26 апр. 2019

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.

Релиз	Статус	Примечание
bionic	released	70.0.3538.67-0ubuntu0.18.04.1
cosmic	released	70.0.3538.67-0ubuntu0.18.10.1
devel	released	70.0.3538.67-0ubuntu0.18.10.1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [no longer updated]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [no longer updated]
upstream	released	70.0.3538.67
xenial	released	70.0.3538.67-0ubuntu0.16.04.1

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [Ubuntu touch end-of-life]]
esm-infra/xenial	ignored	Ubuntu touch end-of-life
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [Ubuntu touch end-of-life]
upstream	needs-triage
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2018-5179

EPSS

Процентиль: 62%

0.00432

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2018-5179

CVSS3: 4.3

redhat

больше 7 лет назад

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.

CVE-2018-5179

CVSS3: 7.5

nvd

почти 7 лет назад

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.

CVE-2018-5179

CVSS3: 7.5

debian

почти 7 лет назад

A service worker can send the activate event on itself periodically wh ...

GHSA-8j5m-6wvx-8fqm

CVSS3: 7.5

github

больше 3 лет назад

A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.

BDU:2019-04383

CVSS3: 7.5

fstec

почти 8 лет назад

Уязвимость скрипта ServiceWorker браузера Google Chrome, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 62%

0.00432

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2018-5179

Описание

Пакет chromium-browser

Пакет oxide-qt

Ссылки на источники

Связанные уязвимости