Vulnerabilities > Mozilla > Firefox > 0.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2018-5095 | Use of Uninitialized Resource vulnerability in multiple products An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. | 7.5 |
| 2018-06-11 | CVE-2018-5094 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap buffer overflow vulnerability may occur in WebAssembly when "shrinkElements" is called followed by garbage collection on memory that is now uninitialized. | 5.0 |
| 2018-06-11 | CVE-2018-5093 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap buffer overflow vulnerability may occur in WebAssembly during Memory/Table resizing, resulting in a potentially exploitable crash. | 5.0 |
| 2018-06-11 | CVE-2018-5092 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. | 7.5 |
| 2018-06-11 | CVE-2018-5091 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. | 7.5 |
| 2018-06-11 | CVE-2018-5090 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 57. | 10.0 |
| 2018-06-11 | CVE-2018-5089 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. | 7.5 |
| 2018-06-11 | CVE-2017-7845 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. | 9.3 |
| 2018-06-11 | CVE-2017-7844 | Information Exposure vulnerability in Mozilla Firefox A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. | 4.3 |
| 2018-06-11 | CVE-2017-7843 | Information Exposure vulnerability in multiple products When Private Browsing mode is used, it is possible for a web worker to write persistent data to IndexedDB and fingerprint a user uniquely. | 5.0 |