The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
On Android systems, Firefox can load a library from APITRACE_LIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. *Note: This issue only affects Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 66.
Base Score: 5.8
Impact Score: 4.9
Exploitability Score: 8.6
Base Score: 7.4
Impact Score: 5.2
Exploitability Score: 2.2
|700487||Mozilla Firefox < 66.0 Multiple Vulnerabilities||Nessus Network Monitor||Web Clients|
|122959||FreeBSD : mozilla -- multiple vulnerabilities (05da6b56-3e66-4306-9ea3-89fafe939726)||Nessus||FreeBSD Local Security Checks|
|122948||Mozilla Firefox < 66.0||Nessus||Windows|
|122947||Mozilla Firefox < 66.0||Nessus||MacOS X Local Security Checks|