60.2.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-28	CVE-2018-18493	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. network low complexity mozilla debian canonical redhat CWE-119	7.5
2019-02-28	CVE-2018-18492	Use After Free vulnerability in Mozilla Firefox and Firefox ESR A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection. network low complexity mozilla debian canonical redhat CWE-416	7.5
2019-02-28	CVE-2018-12405	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Firefox ESR 60.3. network low complexity mozilla canonical debian redhat CWE-119	7.5
2019-02-28	CVE-2018-12397	Information Exposure vulnerability in Mozilla Firefox and Firefox ESR A WebExtension can request access to local files without the warning prompt stating that the extension will "Access your data for all websites" being displayed to the user. local low complexity mozilla redhat debian canonical CWE-200	3.6
2019-02-28	CVE-2018-12396	Incorrect Permission Assignment for Critical Resource vulnerability in Mozilla Firefox and Firefox ESR A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. network mozilla debian canonical redhat CWE-732	4.3
2019-02-28	CVE-2018-12395	Unspecified vulnerability in Mozilla Firefox and Firefox ESR By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. network low complexity mozilla debian canonical redhat	5.0
2019-02-28	CVE-2018-12392	Unspecified vulnerability in Mozilla Firefox and Firefox ESR When manipulating user events in nested loops while opening a document through script, it is possible to trigger a potentially exploitable crash due to poor event handling. network low complexity mozilla debian canonical redhat	7.5
2019-02-28	CVE-2018-12391	Incorrect Authorization vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. network mozilla google CWE-863 critical	9.3
2019-02-28	CVE-2018-12390	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. network low complexity mozilla debian canonical redhat CWE-119	7.5
2019-02-28	CVE-2018-12389	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. network mozilla debian canonical redhat CWE-119	6.8