Home

CVE-2018-18511

Description

Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox < 65.0.1.

Risk Information

Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.816

Associated Vulnerability

VulnerabilityOS Platform
Vulnerability CVE-2018-18511 are affected in Mozilla Firefox (x64) 65.0Windows
Vulnerability CVE-2018-18511 are affected in Mozilla Firefox 65.0Windows
Vulnerabilities CVE-2018-18511 are affected in Mozilla Firefox for Mac 65.0Mac
firefox-esr security update(DSA-4411-1) firefox-esr_60.7.0esr-1~deb9u1_i386.debLinux
firefox-esr security update(DSA-4411-1) firefox-esr_60.7.0esr-1~deb9u1_amd64.debLinux
thunderbird security update(DSA-4420-1) thunderbird_60.7.0-1~deb9u1_i386.debLinux
firefox-esr security update(DSA-4448-1) firefox-esr_60.7.0esr-1~deb9u1_i386.debLinux
firefox-esr security update(DSA-4448-1) firefox-esr_60.7.0esr-1~deb9u1_amd64.debLinux
thunderbird security update(DSA-4451-1) thunderbird_60.7.0-1~deb9u1_i386.debLinux
thunderbird security update(DSA-4451-1) thunderbird_60.7.0-1~deb9u1_amd64.debLinux
(RHSA-2019:1269) firefox security update firefox-60.7.0-1.el8_0.x86_64.rpmLinux
(RHSA-2019:1269) firefox security update firefox-debugsource-60.7.0-1.el8_0.x86_64.rpmLinux
(RHSA-2019:1308) thunderbird security update thunderbird-60.7.0-1.el8_0.x86_64.rpmLinux
(RHSA-2019:1308) thunderbird security update thunderbird-debugsource-60.7.0-1.el8_0.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-343016Mozilla Firefox (x64) (132.0.2)
PATCH-343015Mozilla Firefox (132.0.2)
PATCH-611870Mozilla Firefox For Mac (142.0.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234