The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
A combination of an external SVG image referenced on a page and the coloring of anchor links stored within this image can be used to determine which pages a user has in their history. This can allow a malicious website to query user history. Note: This issue only affects Firefox 57. Earlier releases are not affected. This vulnerability affects Firefox < 57.0.1.
Base Score: 4.3
Impact Score: 2.9
Exploitability Score: 8.6
Base Score: 6.5
Impact Score: 3.6
Exploitability Score: 2.8
|700323||Mozilla Firefox < 57.0.1 Multiple Vulnerabilities||Nessus Network Monitor||Web Clients|
|700322||Mozilla Firefox < 57 Multiple Vulnerabilities||Nessus Network Monitor||Web Clients|
|106884||GLSA-201802-03 : Mozilla Firefox: Multiple vulnerabilities||Nessus||Gentoo Local Security Checks|
|105040||Mozilla Firefox < 57.0.1 Multiple Vulnerabilities||Nessus||Windows|
|105039||Mozilla Firefox < 57.0.1 Multiple Vulnerabilities (macOS)||Nessus||MacOS X Local Security Checks|
|105026||FreeBSD : mozilla -- multiple vulnerabilities (b7e23050-2d5d-4e61-9b48-62e89db222ca)||Nessus||FreeBSD Local Security Checks|