First published: Wed Oct 23 2019(Updated: )
Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting (XSS) attacks, bypass content security policy (CSP) protections, or execute arbitrary code.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/firefox | <70.0+build2-0ubuntu0.19.10.1 | 70.0+build2-0ubuntu0.19.10.1 |
=19.10 | ||
All of | ||
ubuntu/firefox | <70.0+build2-0ubuntu0.19.04.1 | 70.0+build2-0ubuntu0.19.04.1 |
=19.04 | ||
All of | ||
ubuntu/firefox | <70.0+build2-0ubuntu0.18.04.1 | 70.0+build2-0ubuntu0.18.04.1 |
=18.04 | ||
All of | ||
ubuntu/firefox | <70.0+build2-0ubuntu0.16.04.1 | 70.0+build2-0ubuntu0.16.04.1 |
=16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)
The severity of USN-4165-1 is not specified in the information provided.
To fix USN-4165-1, update your Firefox to version 70.0+build2-0ubuntu0.19.10.1 for Ubuntu 19.10, 70.0+build2-0ubuntu0.19.04.1 for Ubuntu 19.04, 70.0+build2-0ubuntu0.18.04.1 for Ubuntu 18.04, or 70.0+build2-0ubuntu0.16.04.1 for Ubuntu 16.04.
The affected software versions for USN-4165-1 are Firefox 70.0+build2-0ubuntu0.19.10.1 for Ubuntu 19.10, Firefox 70.0+build2-0ubuntu0.19.04.1 for Ubuntu 19.04, Firefox 70.0+build2-0ubuntu0.18.04.1 for Ubuntu 18.04, and Firefox 70.0+build2-0ubuntu0.16.04.1 for Ubuntu 16.04.
The security issues addressed in USN-4165-1 include denial of service, bypassing security restrictions, bypassing same-origin restrictions, and conducting cross-site scripting (XSS) attacks.
You can find more information about the vulnerabilities in USN-4165-1 at the following references: CVE-2018-6156, CVE-2019-11757, and CVE-2019-11759.