CVE-2018-12403 |
Low |
Yes |
Content spoofing |
A security issue has been found in Firefox versions prior to 63.0, where if a site is loaded over a HTTPS connection but loads a favicon resource over HTTP,... |
CVE-2018-12402 |
Low |
Yes |
Information disclosure |
A security issue has been found in Firefox versions prior to 63.0, where SameSite cookies are sent on cross-origin requests when the "Save Page As..." menu... |
CVE-2018-12401 |
Low |
Yes |
Denial of service |
A security issue has been found in Firefox versions prior to 63.0, where some special resource URIs will cause a non-exploitable crash if loaded with... |
CVE-2018-12399 |
Low |
Yes |
Content spoofing |
A security issue has been found in Firefox versions prior to 63.0, where when a new protocol handler is registered, the API accepts a title argument which... |
CVE-2018-12398 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in Firefox versions prior to 63.0, where it is possible to inject stylesheets and bypass Content Security Policy (CSP) by... |
CVE-2018-12397 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in Firefox versions prior to 63.0, where a WebExtension can request access to local files without the warning prompt stating... |
CVE-2018-12396 |
Medium |
Yes |
Privilege escalation |
A security issue has been found in Firefox versions prior to 63.0, where a WebExtension can run content scripts in disallowed contexts following navigation... |
CVE-2018-12395 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in Firefox versions prior to 63.0, where by rewriting the Host request headers using the webRequest API, a WebExtension can... |
CVE-2018-12392 |
Critical |
Yes |
Arbitrary code execution |
A security issue has been found in Firefox and Thunderbird versions prior to 63.0. When manipulating user events in nested loops while opening a document... |
CVE-2018-12390 |
Critical |
Yes |
Arbitrary code execution |
Several memory safety bugs have been found in Firefox and Thunderbird versions prior to 63.0. Some of these bugs showed evidence of memory corruption and... |
CVE-2018-12388 |
Critical |
Yes |
Arbitrary code execution |
Several memory safety bugs have been found in Firefox versions prior to 63.0. Some of these bugs showed evidence of memory corruption and Mozilla engineers... |