vulnerability
Red Hat: CVE-2018-12363: Critical: firefox security update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jun 26, 2018 | Jun 29, 2018 | Mar 3, 2021 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Jun 26, 2018
Added
Jun 29, 2018
Modified
Mar 3, 2021
Description
A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node still having a pointer referencing it. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61.
Solutions
redhat-upgrade-firefoxredhat-upgrade-firefox-debuginforedhat-upgrade-thunderbirdredhat-upgrade-thunderbird-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.