Security vulnerabilities fixed in Firefox 65.0.1

2019-02-12T00:00:00
ID MFSA2019-04
Type mozilla
Reporter Mozilla Foundation
Modified 2019-02-12T00:00:00

Description

A use-after-free vulnerability in the Skia library can occur when creating a path, leading to a potentially exploitable crash. An integer overflow vulnerability in the Skia library can occur after specific transform operations, leading to a potentially exploitable crash. Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. Note: This only affects Firefox 65. Previous versions are unaffected.