CVE-2018-12390
Severity
9.8CRITICAL
EPSS
7.2%
top 8.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 28
Latest updateMay 14
Description
Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages11 packages
Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 18.10, Enterprise Linux 7.6, 7.5
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-7vx2-3c54-4w62: Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60↗2022-05-14
CVEList▶
CVE-2018-12390: Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60↗2019-02-28
OSV▶
CVE-2018-12390: Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60↗2019-02-28
📋Vendor Advisories
4💬Community
1Bugzilla
▶