{ "data_version": "4.0", "references": { "reference_data": [ { "url": "https://www.mozilla.org/security/advisories/mfsa2019-04/", "refsource": "MISC", "name": "https://www.mozilla.org/security/advisories/mfsa2019-04/" }, { "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1526218", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1526218" }, { "refsource": "BUGTRAQ", "name": "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", "url": "https://seclists.org/bugtraq/2019/May/56" }, { "refsource": "BUGTRAQ", "name": "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", "url": "https://seclists.org/bugtraq/2019/May/59" }, { "refsource": "DEBIAN", "name": "DSA-4448", "url": "https://www.debian.org/security/2019/dsa-4448" }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html" }, { "refsource": "REDHAT", "name": "RHSA-2019:1265", "url": "https://access.redhat.com/errata/RHSA-2019:1265" }, { "refsource": "REDHAT", "name": "RHSA-2019:1267", "url": "https://access.redhat.com/errata/RHSA-2019:1267" }, { "refsource": "REDHAT", "name": "RHSA-2019:1269", "url": "https://access.redhat.com/errata/RHSA-2019:1269" }, { "refsource": "DEBIAN", "name": "DSA-4451", "url": "https://www.debian.org/security/2019/dsa-4451" }, { "refsource": "BUGTRAQ", "name": "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", "url": "https://seclists.org/bugtraq/2019/May/67" }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html" }, { "refsource": "UBUNTU", "name": "USN-3997-1", "url": "https://usn.ubuntu.com/3997-1/" }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:1484", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html" }, { "refsource": "REDHAT", "name": "RHSA-2019:1310", "url": "https://access.redhat.com/errata/RHSA-2019:1310" }, { "refsource": "REDHAT", "name": "RHSA-2019:1308", "url": "https://access.redhat.com/errata/RHSA-2019:1308" }, { "refsource": "REDHAT", "name": "RHSA-2019:1309", "url": "https://access.redhat.com/errata/RHSA-2019:1309" }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:1534", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html" }, { "refsource": "SUSE", "name": "openSUSE-SU-2019:1664", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html" } ] }, "description": { "description_data": [ { "lang": "eng", "value": "Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method. *Note: This only affects Firefox 65. Previous versions are unaffected.*. This vulnerability affects Firefox < 65.0.1." } ] }, "data_type": "CVE", "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "version": { "version_data": [ { "version_affected": "<", "version_value": "65.0.1" } ] }, "product_name": "Firefox" } ] }, "vendor_name": "Mozilla" } ] } }, "CVE_data_meta": { "ID": "CVE-2018-18511", "ASSIGNER": "security@mozilla.org", "STATE": "PUBLIC" }, "data_format": "MITRE", "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Cross-origin theft of images with ImageBitmapRenderingContext" } ] } ] } }