Mozilla Firefox is vulnerable to privilege escalation. The vulnerability exists in an unknown functionality of the component WebExtension. An attacker could run content scripts in local pages without permission warnings when a local file is opened resulting in a privilege escalation.
www.securityfocus.com/bid/105718
www.securitytracker.com/id/1041944
access.redhat.com/errata/RHSA-2018:3005
access.redhat.com/errata/RHSA-2018:3006
access.redhat.com/security/updates/classification/#critical
bugzilla.mozilla.org/show_bug.cgi?id=1487478
bugzilla.redhat.com/show_bug.cgi?id=1638082
lists.debian.org/debian-lts-announce/2018/11/msg00008.html
security.gentoo.org/glsa/201811-04
usn.ubuntu.com/3801-1/
www.debian.org/security/2018/dsa-4324
www.mozilla.org/en-US/security/advisories/mfsa2018-27/
www.mozilla.org/security/advisories/mfsa2018-26/
www.mozilla.org/security/advisories/mfsa2018-27/