vulnerability

Gentoo Linux: CVE-2018-12391: Mozilla Thunderbird: Multiple vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Nov 24, 2018	Nov 26, 2018	Aug 13, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Nov 24, 2018

Added

Nov 26, 2018

Modified

Aug 13, 2025

Description

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. *Note: this issue only affects Firefox for Android. Desktop versions of Firefox are unaffected.*. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.

Solutions

gentoo-linux-upgrade-mail-client-thunderbirdgentoo-linux-upgrade-mail-client-thunderbird-bin

References

CVE-2018-12391
https://attackerkb.com/topics/CVE-2018-12391
CWE-863
GENTOO-201811-13

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today