CVE-2017-5378

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-5378
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5378.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-5378
Downstream
Related
Published
2018-06-11T21:29:02Z
Modified
2025-08-09T20:01:28Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object's address can be discovered through hash codes, and also allows for data leakage of an object's content using these hash codes. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51.

References

Affected packages