5.3
CVE-2018-12403
- EPSS 1.87%
- Veröffentlicht 28.02.2019 18:29:01
- Zuletzt bearbeitet 21.11.2024 03:45:09
- CVE-Watchlists
- Unerledigt
If a site is loaded over a HTTPS connection but loads a favicon resource over HTTP, the mixed content warning is not displayed to users. This vulnerability affects Firefox < 63.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version18.10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.87% | 0.766 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://www.securityfocus.com/bid/105721
http://www.securitytracker.com/id/1041944
https://usn.ubuntu.com/3801-1/
https://www.mozilla.org/security/advisories/mfsa2018-26/
https://bugzilla.mozilla.org/show_bug.cgi?id=1484753