MGASA-2018-0305

Advisory lineage Upstream: 9 Downstream: 0

Upstream

CVE-2018-12359 CVE-2018-12360 CVE-2018-12362 CVE-2018-12363 CVE-2018-12364 CVE-2018-12365

Published: 01 Jul 2018, 17:17

Last modified:16 Apr 2026, 06:26

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

01 Jul 2018, 17:17

Published

Vulnerability first disclosed

16 Apr 2026, 06:26

Last Modified

Vulnerability information updated

Description

Updated firefox packages fix security vulnerability Mozilla: Memory safety bugs fixed in Firefox ESR 52.9 (CVE-2018-5188). Mozilla: Buffer overflow using computed size of canvas element (CVE-2018-12359). Mozilla: Use-after-free using focus() (CVE-2018-12360). Mozilla: Media recorder segmentation fault when track type is changed during capture (CVE-2018-5156). Mozilla: Integer overflow in SSSE3 scaler (CVE-2018-12362). Mozilla: Use-after-free when appending DOM nodes (CVE-2018-12363). Mozilla: CSRF attacks through 307 redirects and NPAPI plugins (CVE-2018-12364). Mozilla: Compromised IPC child process can list local filenames (CVE-2018-12365). Mozilla: Invalid data handling during QCMS transformations (CVE-2018-12366).

Affected Systems

mageia•firefox
< 52.9.0-1.mga6
mageia•firefox-l10n
< 52.9.0-1.mga6

MGASA-2018-0305

Vulnerability Summary

Timeline

Description

Affected Systems

References (5)