Lucene search
Redhat.comRH:CVE-2018-18497HistoryApr 04, 2019 - 7:50 a.m.
CVE-2018-18497
2019-04-0407:50:17
redhat.com
access.redhat.com
11
0.003 Low
EPSS
Percentile
65.6%
Limitations on the URIs allowed to WebExtensions by the browser.windows.create API can be bypassed when a pipe in the URL field is used within the extension to load multiple pages as a single argument. This could allow a malicious WebExtension to open privileged about: or file: locations. This vulnerability affects Firefox < 64.
Related
ubuntucve
ubuntucve
CVE-2018-18497
2018-12-11 00:00:00
prion
prion
Design/Logic Flaw
2019-02-28 18:29:00
nvd
nvd
CVE-2018-18497
2019-02-28 18:29:01
cvelist
cvelist
CVE-2018-18497
2019-02-28 18:00:00
debiancve
debiancve
CVE-2018-18497
2019-02-28 18:29:01
cve
cve
CVE-2018-18497
2019-02-28 18:29:01
nessus
nessus
RHEL 8 : firefox (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 : firefox (Unpatched Vulnerability)
2024-05-11 00:00:00
archlinux
archlinux
[ASA-201812-9] firefox: multiple issues
2018-12-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3844-1)
2018-12-12 00:00:00
Mozilla Firefox Security Advisory (MFSA2018-29) - Linux
2021-11-08 00:00:00
Mozilla Firefox Security Advisories (MFSA2018-28, MFSA2018-30) - Mac OS X
2018-12-13 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2018-12-11 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2018-12-11 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 64 — Mozilla
2018-12-11 00:00:00
kaspersky
kaspersky
KLA11389 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR
2018-12-11 00:00:00