CVE-2018-5132
Published: 14 March 2018
The Find API for WebExtensions can search some privileged pages, such as "about:debugging", if these pages are open in a tab. This could allow a malicious WebExtension to search for otherwise protected data if a user has it open. This vulnerability affects Firefox < 59.
Priority
CVSS 3 base score: 6.5
Status
Package | Release | Status |
---|---|---|
firefox Launchpad, Ubuntu, Debian |
artful |
Released
(59.0+build5-0ubuntu0.17.10.1)
|
bionic |
Released
(59.0.1+build1-0ubuntu1)
|
|
precise |
Does not exist
|
|
trusty |
Does not exist
(trusty was released [59.0+build5-0ubuntu0.14.04.1])
|
|
upstream |
Released
(59.0)
|
|
xenial |
Released
(59.0+build5-0ubuntu0.16.04.1)
|