CVE-2018-5124

Published: 30 January 2018

Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1.

Priority

High

CVSS 3 base score: 6.1

Status

Package Release Status
firefox
Launchpad, Ubuntu, Debian
Upstream
Released (58.0.1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (59.0.1+build1-0ubuntu1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (58.0.1+build1-0ubuntu0.16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [58.0.1+build1-0ubuntu0.14.04.1])