CVE-2018-5135

Reference Links

• https://bugzilla.mozilla.org/show_bug.cgi?id=1431371
• https://www.mozilla.org/security/advisories/mfsa2018-06/
• https://usn.ubuntu.com/3596-1/
• http://www.securityfocus.com/bid/103386
• http://www.securitytracker.com/id/1040514
• https://launchpad.net/bugs/cve/CVE-2018-5135
• https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
• https://security-tracker.debian.org/tracker/CVE-2018-5135
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5135
• https://nvd.nist.gov/vuln/detail/CVE-2018-5135
• https://ubuntu.com/security/CVE-2018-5135

Parent vulnerabilities

(Appears in the following advisories)

• MFSA2018-06

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2018-5127
• CVE-2018-5128
• CVE-2018-5129
• CVE-2018-5130
• CVE-2018-5131
• CVE-2018-5132
• CVE-2018-5133
• CVE-2018-5134
• CVE-2018-5135
• CVE-2018-5136
• CVE-2018-5137
• CVE-2018-5138
• CVE-2018-5140
• CVE-2018-5141
• CVE-2018-5142
• CVE-2018-5143
• CVE-2018-5126
• CVE-2018-5125

Frequently Asked Questions

• What is CVE-2018-5135?

  CVE-2018-5135 is a vulnerability that allows WebExtensions to bypass normal restrictions and inject scripts into contexts where it should not be allowed.

• Which software is affected by CVE-2018-5135?

  Firefox versions prior to 59 are affected by CVE-2018-5135.

• What is the severity of CVE-2018-5135?

  The severity of CVE-2018-5135 is high (CVSS score of 7.5).

• How can I fix CVE-2018-5135?

  To fix CVE-2018-5135, you should update Firefox to version 59 or later.

• Where can I find more information about CVE-2018-5135?

  You can find more information about CVE-2018-5135 on the Mozilla Bugzilla and Mozilla Security Advisories websites.