0.7.1

DATE	CVE	VULNERABILITY TITLE	RISK
2018-06-11	CVE-2017-5383	Improper Input Validation vulnerability in multiple products URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. network low complexity debian redhat mozilla CWE-20	5.0
2018-06-11	CVE-2017-5380	Use After Free vulnerability in multiple products A potential use-after-free found through fuzzing during DOM manipulation of SVG content. network low complexity debian redhat mozilla CWE-416	7.5
2018-06-11	CVE-2017-5378	Information Exposure vulnerability in multiple products Hashed codes of JavaScript objects are shared between pages. network low complexity debian redhat mozilla CWE-200	5.0
2018-06-11	CVE-2017-5376	Use After Free vulnerability in multiple products Use-after-free while manipulating XSL in XSLT documents. network low complexity debian redhat mozilla CWE-416	7.5
2018-06-11	CVE-2017-5375	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. network low complexity redhat mozilla debian CWE-119	7.5
2018-06-11	CVE-2017-5373	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. network low complexity mozilla debian redhat CWE-119	7.5
2018-06-11	CVE-2016-9905	Improper Access Control vulnerability in multiple products A potentially exploitable crash in "EnumerateSubDocuments" while adding or removing sub-documents. network redhat debian mozilla CWE-284	6.8
2018-06-11	CVE-2016-9904	Information Exposure vulnerability in multiple products An attacker could use a JavaScript Map/Set timing attack to determine whether an atom is used by another compartment/zone in specific contexts. network low complexity redhat debian mozilla CWE-200	5.0
2018-06-11	CVE-2016-9900	7PK - Security Features vulnerability in multiple products External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. network low complexity debian redhat mozilla CWE-254	5.0
2018-06-11	CVE-2016-9899	Use After Free vulnerability in multiple products Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. network low complexity debian redhat mozilla CWE-416 critical	9.8