CVE-2018-12365 - log back

CVE-2018-12365 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Information disclosure
Description
+ A security issue has been found in Firefox before 61.0 and Thunderbird before 52.9 where a compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12365
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1459206
Notes