Lucene search
PRIOn knowledge basePRION:CVE-2018-12395HistoryFeb 28, 2019 - 6:29 p.m.
Design/Logic Flaw
2019-02-2818:29:00
PRIOn knowledge base
www.prio-n.com
7
By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.
References
www.securityfocus.com/bid/105718
www.securitytracker.com/id/1041944
access.redhat.com/errata/RHSA-2018:3005
access.redhat.com/errata/RHSA-2018:3006
bugzilla.mozilla.org/show_bug.cgi?id=1467523
lists.debian.org/debian-lts-announce/2018/11/msg00008.html
security.gentoo.org/glsa/201811-04
usn.ubuntu.com/3801-1/
www.debian.org/security/2018/dsa-4324
www.mozilla.org/security/advisories/mfsa2018-26/
www.mozilla.org/security/advisories/mfsa2018-27/
Related
redhatcve
redhatcve
CVE-2018-12395
2020-04-07 11:09:29
cve
cve
CVE-2018-12395
2019-02-28 18:29:00
ubuntucve
ubuntucve
CVE-2018-12395
2018-10-24 00:00:00
debiancve
debiancve
CVE-2018-12395
2019-02-28 18:29:00
veracode
veracode
Privilege Escalation
2019-05-16 03:18:10
cvelist
cvelist
CVE-2018-12395
2019-02-28 18:00:00
nvd
nvd
CVE-2018-12395
2019-02-28 18:29:00
openvas
openvas
Mozilla Firefox ESR Security Advisories (MFSA2018-24, MFSA2018-24) - Windows
2018-10-24 00:00:00
CentOS Update for firefox CESA-2018:3006 centos6
2018-10-26 00:00:00
nessus
nessus
RHEL 6 : firefox (RHSA-2018:3006)
2018-10-25 00:00:00
SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2018:3656-1)
2019-01-02 00:00:00
RHEL 7 : firefox (RHSA-2018:3005)
2018-10-25 00:00:00
ibm
ibm
Security Bulletin: Multiple Mozilla Firefox vulnerabilities in IBM SONAS
2019-05-02 07:45:01
debian
debian
[SECURITY] [DSA 4324-1] firefox-esr security update
2018-10-24 20:38:22
[SECURITY] [DLA 1571-1] firefox-esr security update
2018-11-07 21:05:22
centos
centos
firefox security update
2018-10-25 21:25:23
firefox security update
2018-10-25 21:44:35
mageia
mageia
Updated firefox packages fix security vulnerabilities
2018-10-27 12:45:46
redhat
redhat
(RHSA-2018:3006) Critical: firefox security update
2018-10-24 20:53:08
(RHSA-2018:3005) Critical: firefox security and bug fix update
2018-10-24 20:52:57
suse
suse
Security update for Mozilla Firefox (important)
2018-10-25 15:21:20
gentoo
gentoo
Mozilla Firefox: Multiple vulnerabilities
2018-11-09 00:00:00
oraclelinux
oraclelinux
firefox security and bug fix update
2018-10-24 00:00:00
firefox security update
2018-11-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package firefox-esr version 60.3.0-alt1
2018-10-23 00:00:00
osv
osv
firefox-esr - security update
2018-11-07 00:00:00
firefox-esr - security update
2018-10-24 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox ESR 60.3 — Mozilla
2018-10-23 00:00:00
Security vulnerabilities fixed in Firefox 63 — Mozilla
2018-10-23 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2018-10-24 00:00:00
Firefox regressions
2018-11-23 00:00:00
archlinux
archlinux
[ASA-201810-14] firefox: multiple issues
2018-10-24 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2018-10-23 00:00:00
kaspersky
kaspersky
KLA11341 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
2018-10-23 00:00:00