Candidate: CVE-2017-7844
PublicDate: 2018-06-11 21:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7844
Description:
 A combination of an external SVG image referenced on a page and the
 coloring of anchor links stored within this image can be used to determine
 which pages a user has in their history. This can allow a malicious website
 to query user history. Note: This issue only affects Firefox 57. Earlier
 releases are not affected. This vulnerability affects Firefox < 57.0.1.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: chrisccoulson
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N [6.5 MEDIUM]

Patches_firefox:
upstream_firefox: released (57.0.1)
precise/esm_firefox: DNE
trusty_firefox: released (57.0.1+build2-0ubuntu0.14.04.1)
trusty/esm_firefox: DNE (trusty was released [57.0.1+build2-0ubuntu0.14.04.1])
xenial_firefox: released (57.0.1+build2-0ubuntu0.16.04.1)
esm-infra/xenial_firefox: released (57.0.1+build2-0ubuntu0.16.04.1)
zesty_firefox: released (57.0.1+build2-0ubuntu0.17.04.1)
artful_firefox: released (57.0.1+build2-0ubuntu0.17.10.1)
bionic_firefox: released (57.0.1+build2-0ubuntu1)
devel_firefox: released (57.0.1+build2-0ubuntu1)