VDB

GCVE-110-MAGEIA-2018-99

GCVE-110-MAGEIA-2018-99
Advisory Published
Vulnetix · Advisory published January 25, 2018
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox (CVE-2018-5089, CVE-2018-5091, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5117). To mitigate timing-based side-channel attacks similar to "Spectre" and "Meltdown", the resolution of performance.now() has been reduced from 5μs to 20μs.

Affected Products

VendorProductVersionsPlatforms
Mageiaknewstuff0 (affected), 5.42.0-1.3.mga6 (unaffected)
Mageianss0 (affected), 3.28.6-1.3.mga5 (unaffected), 0 (affected), 3.28.6-1.3.mga5 (unaffected)
Mageiakbookmarks0 (affected), 5.42.0-1.2.mga6 (unaffected)
Mageiarootcerts0 (affected), 20180104.00-1.mga5 (unaffected), 0 (affected), 20180104.00-1.mga5 (unaffected)
Mageiafirefox-l10n0 (affected), 52.6.0-1.mga5 (unaffected), 0 (affected), 52.6.0-1.mga5 (unaffected)
Mageiakcmutils0 (affected), 5.42.0-1.2.mga6 (unaffected)
Mageianspr0 (affected), 4.18-1.mga5 (unaffected), 0 (affected), 4.18-1.mga5 (unaffected)
Mageiakitemviews5.42.0-1.2.mga6 (unaffected), 0 (affected)
Mageiakcompletion0 (affected), 5.42.0-2.2.mga6 (unaffected)
Mageiaknotifyconfig0 (affected), 5.42.0-1.2.mga6 (unaffected)
Mageiakunitconversion0 (affected), 5.42.0-1.2.mga6 (unaffected)
Mageiafirefox0 (affected), 52.6.0-1.mga5 (unaffected), 52.6.0-1.mga5 (unaffected), 0 (affected)
Mageiaktextwidgets0 (affected), 5.42.0-1.2.mga6 (unaffected)
Mageiakdnssd0 (affected), 5.42.0-1.2.mga6 (unaffected)
Mageiakpty0 (affected), 5.42.0-1.2.mga6 (unaffected)
Mageiakxmlrpcclient5.42.0-1.2.mga6 (unaffected), 0 (affected)
Mageiakjobwidgets0 (affected), 5.42.0-1.2.mga6 (unaffected)

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›