[3.6] firefox-esr: Multiple vulnerabilities (CVE-2017-7793, CVE-2017-7818, CVE-2017-7819, CVE-2017-7824, CVE-2017-7805, CVE-2017-7814, CVE-2017-7825, CVE-2017-7823, CVE-2017-7810)ID: oval:org.secpod.oval:def:1800537 | Date: (C)2018-03-28 (M)2023-12-20 |
Class: PATCH | Family: unix |
CVE-2017-7793: Use-after-free with Fetch API CVE-2017-7818: Use-after-free during ARIA array manipulation CVE-2017-7819: Use-after-free while resizing images in design mode CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces CVE-2017-7823: CSP sandbox directive did not create a unique origin CVE-2017-7810: Memory safety bugs Fixed in: Firefox ESR 52.4
Platform: |
Alpine Linux 3.6 |