Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-25136

Опубликовано: 19 июн. 2023
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 10

Описание

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

code not present
esm-infra/focal

DNE

focal

not-affected

jammy

not-affected

code not present
kinetic

not-affected

code not present
lunar

not-affected

code not present
trusty

ignored

end of standard support
upstream

needs-triage

xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

not-affected

esm-infra/focal

DNE

focal

not-affected

jammy

not-affected

kinetic

not-affected

lunar

not-affected

trusty

ignored

end of standard support
upstream

needs-triage

xenial

ignored

end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 55%
0.00325
Низкий

10 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-25136

CVSS3: 8
redhat
около 2 лет назад

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.

nvd логотип

CVE-2019-25136

CVSS3: 10
nvd
около 2 лет назад

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.

debian логотип

CVE-2019-25136

CVSS3: 10
debian
около 2 лет назад

A compromised child process could have injected XBL Bindings into priv ...

github логотип

GHSA-x428-6vv2-wx8p

CVSS3: 10
github
около 2 лет назад

A compromised child process could have injected XBL Bindings into privileged CSS rules, resulting in arbitrary code execution and a sandbox escape. This vulnerability affects Firefox < 70.

fstec логотип

BDU:2023-03818

CVSS3: 10
fstec
больше 6 лет назад

Уязвимость веб-браузера Firefox, связанная с недостаточной нейтрализацией специальных элементов в запросе, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 55%
0.00325
Низкий

10 Critical

CVSS3