[3.7] firefox-esr: Multiple vulnerabilities (CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, CVE-2018-5183)ID: oval:org.secpod.oval:def:1800980 | Date: (C)2018-05-25 (M)2024-04-17 |
Class: PATCH | Family: unix |
CVE-2018-5150: Memory safety bugs CVE-2018-5154: Use-after-free with SVG animations and clip paths CVE-2018-5155: Use-after-free with SVG animations and text paths CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer CVE-2018-5159: Integer overflow and out-of-bounds write in Skia CVE-2018-5168: Lightweight themes can be installed without user interaction CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension CVE-2018-5183: Backport critical security fixes in Skia Fixed In:¶ Firefox ESR 52.8
Platform: |
Alpine Linux 3.7 |