1
PublicDateAtUSN: 2018-05-11
2
Candidate: CVE-2018-5181
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5181
6
https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/#CVE-2018-5181
7
https://usn.ubuntu.com/usn/usn-3645-1
9
If a URL using the "file:" protocol is dragged and dropped onto an open tab
10
that is running in a different child process the tab will open a local file
11
corresponding to the dropped URL, contrary to policy. One way to make the
12
target tab open more reliably in a separate process is to open it with the
13
"noopener" keyword. This vulnerability affects Firefox < 60.
19
Assigned-to: chrisccoulson
22
upstream_firefox: released (60.0)
23
precise/esm_firefox: DNE
24
trusty_firefox: released (60.0+build2-0ubuntu0.14.04.1)
25
xenial_firefox: released (60.0+build2-0ubuntu0.16.04.1)
26
artful_firefox: released (60.0+build2-0ubuntu0.17.10.1)
27
bionic_firefox: released (60.0+build2-0ubuntu1)