CVE-2018-12390

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-12390

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-12390.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-12390

Downstream

DEBIAN-CVE-2018-12390

DLA-1571-1

DLA-1575-1

DSA-4324-1

DSA-4337-1

RHSA-2018:3005

RHSA-2018:3006

RHSA-2018:3531

RHSA-2018:3532

SUSE-SU-2018:3656-1

SUSE-SU-2018:3749-1

SUSE-SU-2018:3749-2

SUSE-SU-2018:3749-3

SUSE-SU-2018:3769-1

UBUNTU-CVE-2018-12390

USN-3801-1

USN-3868-1

openSUSE-SU-2018:3687-1

openSUSE-SU-2024:10600-1

openSUSE-SU-2024:10601-1

openSUSE-SU-2024:14572-1

Related

Published

2019-02-28T18:29:00Z

Modified

2025-08-09T20:01:27Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3.

References

Affected packages