Under certain circumstances the "fetch()" API can return transient local copies of resources that were sent with a "no-store" or "no-cache" cache header instead of downloading a copy from the network as it should. This can result in previously stored, locally cached data of a website being accessible to users if they share a common profile while browsing. This vulnerability affects Firefox ESR < 52.7 and Firefox < 59.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
debian debian linux 9.0 |
||
mozilla firefox |
||
mozilla firefox esr |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux server eus 7.5 |
||
redhat enterprise linux server eus 7.4 |
||
redhat enterprise linux server aus 7.4 |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux server 7.0 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 17.10 |
||
canonical ubuntu linux 14.04 |