CVE-2018-12367 - log back

CVE-2018-12367 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ A security issue has been found in Firefox before 61.0 and Thunderbird before 60.0. In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work, PerformanceNavigationTiming was not adjusted but it was found that it could be used as a precision timer.
References
+ https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/#CVE-2018-12367
+ https://bugzilla.mozilla.org/show_bug.cgi?id=1462891
Notes