CVE-2018-5179
Description
A service worker can send the activate event on itself periodically which allows it to run perpetually, allowing it to monitor activity by users. Affects all versions prior to Firefox 60.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.432
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Google Chrome (70.0.3538.67) | Windows |
| Google Chrome (x64) (70.0.3538.67) | Windows |
| Vulnerability CVE-2018-5179 are affected in Mozilla Firefox (x64) 60 | Windows |
| Vulnerability CVE-2018-5179 are affected in Mozilla Firefox 60 | Windows |
| Multiple vulnerabilities are fixed in Update for Google Chrome For Mac (70.0.3538.67) | Mac |
| Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 60 | Mac |
| chromium-browser security update(DSA-4330-1) chromium_70.0.3538.67-1~deb9u1_i386.deb | Linux |
| chromium-browser security update(DSA-4330-1) chromium_70.0.3538.67-1~deb9u1_amd64.deb | Linux |
| SUSE-SU-2019:2872-1(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-68.2.0-109.95.2.x86_64.rpm | Linux |
| SUSE-SU-2019:2872-1(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-debuginfo-68.2.0-109.95.2.x86_64.rpm | Linux |
| SUSE-SU-2019:2872-1(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-debugsource-68.2.0-109.95.2.x86_64.rpm | Linux |
| SUSE-SU-2019:2872-1(SUSE Linux Enterprise Desktop 12-SP4 ) MozillaFirefox-translations-common-68.2.0-109.95.2.x86_64.rpm | Linux |
| Google Chrome (70.0.3538.67) (For Debian) | Linux |
| Google Chrome (70.0.3538.67) (For Centos) | Linux |
| Google Chrome (70.0.3538.67) (For RedHat) | Linux |
| Google Chrome (70.0.3538.67) (For Suse) | Linux |
| Google Chrome (70.0.3538.67) (For Ubuntu) | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-308242 | Google Chrome (70.0.3538.67) |
| PATCH-308251 | Google Chrome (x64) (70.0.3538.67) |
| PATCH-343016 | Mozilla Firefox (x64) (132.0.2) |
| PATCH-343015 | Mozilla Firefox (132.0.2) |
| PATCH-609673 | Google Chrome for Mac (132.0.6834.83, 132.0.6834.84) |
| PATCH-611870 | Mozilla Firefox For Mac (142.0.1) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234