Oval Definition:	oval:com.ubuntu.disco:def:2018184990000000
Revision Date: 2019-02-28 Version: 1 Title: CVE-2018-18499 on Ubuntu 19.04 (disco) - medium. Description: A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta http-equiv="refresh" on a page to cause a redirection to another site using performance.getEntries(). This is a same-origin policy violation and could allow for data theft. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-18499 Platform(s): Ubuntu 19.04 Product(s): Definition Synopsis Ubuntu 19.04 (disco) is installed. AND Package Information firefox package in disco was vulnerable but has been fixed (note: '62.0+build2-0ubuntu1'). OR mozjs52 package in disco is affected and may need fixing. OR mozjs60 package in disco is affected and may need fixing. OR thunderbird package in disco was vulnerable but has been fixed (note: '1:60.2.1+build1-0ubuntu1').
BACK