Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/firefox@69.0-1
Typealpm
Namespacearchlinux
Namefirefox
Version69.0-1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version70.0-1
Latest_non_vulnerable_version101.0-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2wxh-2zyh-1ke4
vulnerability_id VCID-2wxh-2zyh-1ke4
summary If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content.
references
0
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
1
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11737
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2wxh-2zyh-1ke4
1
url VCID-7skz-3xdx-qfb2
vulnerability_id VCID-7skz-3xdx-qfb2
summary Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
7
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
8
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
9
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
reference_id mfsa2019-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-9812
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7skz-3xdx-qfb2
2
url VCID-a7f4-e11n-nudj
vulnerability_id VCID-a7f4-e11n-nudj
summary A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
8
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
9
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
reference_id mfsa2019-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
reference_id mfsa2019-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
reference_id mfsa2019-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11742
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7f4-e11n-nudj
3
url VCID-ahyy-dnwx-hkgq
vulnerability_id VCID-ahyy-dnwx-hkgq
summary The "Forget about this site" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the user specifies an http: URL rather than secure https: they will not be protected by the pre-loaded HSTS setting. After that visit the site's HSTS setting will be restored.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11747
1
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
2
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11747
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ahyy-dnwx-hkgq
4
url VCID-bcec-844m-17er
vulnerability_id VCID-bcec-844m-17er
summary It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
8
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
9
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
reference_id mfsa2019-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
reference_id mfsa2019-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
reference_id mfsa2019-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11752
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bcec-844m-17er
5
url VCID-c8zu-jpst-7yd4
vulnerability_id VCID-c8zu-jpst-7yd4
summary A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these sites within the browser can potentially be used to modify a user's Firefox configuration. These two sites will now be isolated into their own process and not allowed to be loaded in a standard content process.
references
0
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
1
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11741
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c8zu-jpst-7yd4
6
url VCID-gus7-632r-pbe8
vulnerability_id VCID-gus7-632r-pbe8
summary Mozilla developers and community members Tyson Smith and Nathan Froyd reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
8
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
9
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
reference_id mfsa2019-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
reference_id mfsa2019-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
reference_id mfsa2019-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11740
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gus7-632r-pbe8
7
url VCID-hmhw-rwg5-nkaf
vulnerability_id VCID-hmhw-rwg5-nkaf
summary WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the possibility of trusted WebRTC resources being invisibly embedded in web content and abusing permissions previously given by users. Users will now be prompted for permissions on each use.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11748
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11748
1
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
2
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11748
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hmhw-rwg5-nkaf
8
url VCID-huuy-2tmx-5qfw
vulnerability_id VCID-huuy-2tmx-5qfw
summary A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11749
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11749
1
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
2
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11749
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-huuy-2tmx-5qfw
9
url VCID-n2q8-gxpe-z7hs
vulnerability_id VCID-n2q8-gxpe-z7hs
summary Mozilla developers and community members Mikhail Gavrilov, Tyson Smith, Marcia Knous, Tom Ritter, Philipp, and Bob Owens reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11735
1
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
2
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11735
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n2q8-gxpe-z7hs
10
url VCID-pdnj-utqg-bbdy
vulnerability_id VCID-pdnj-utqg-bbdy
summary An out-of-bounds read vulnerability exists in the Skia graphics library, allowing for the possible leaking of data from memory.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833
27
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834
28
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837
30
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838
31
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839
32
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840
33
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842
35
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843
36
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847
37
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848
38
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849
39
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850
40
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851
41
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852
42
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853
43
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854
44
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855
45
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856
46
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857
47
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858
48
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859
49
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860
50
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861
51
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862
52
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864
53
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865
54
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867
55
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868
56
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503
57
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504
58
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
59
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
60
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-5849
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdnj-utqg-bbdy
11
url VCID-q8zd-91dy-x7cx
vulnerability_id VCID-q8zd-91dy-x7cx
summary Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
8
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
9
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
reference_id mfsa2019-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
reference_id mfsa2019-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
reference_id mfsa2019-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11743
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q8zd-91dy-x7cx
12
url VCID-rkqd-sddx-dqc6
vulnerability_id VCID-rkqd-sddx-dqc6
summary Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
8
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
9
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
reference_id mfsa2019-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
reference_id mfsa2019-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
reference_id mfsa2019-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11744
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rkqd-sddx-dqc6
13
url VCID-w5m4-671n-qkfx
vulnerability_id VCID-w5m4-671n-qkfx
summary If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11738
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11738
1
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
2
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11738
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w5m4-671n-qkfx
14
url VCID-xn4h-9ze2-3yft
vulnerability_id VCID-xn4h-9ze2-3yft
summary Mozilla developers and community members Randell Jesup, Philipp, Cosmin Sabou, and Natalia Csoregi reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.
references
0
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
1
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
2
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11734
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xn4h-9ze2-3yft
15
url VCID-y916-adxe-hkab
vulnerability_id VCID-y916-adxe-hkab
summary A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812
8
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
9
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
10
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
11
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
12
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
reference_id mfsa2019-27
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-27
13
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
reference_id mfsa2019-29
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-29
14
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
reference_id mfsa2019-30
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-30
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11746
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y916-adxe-hkab
16
url VCID-yr2r-ca9n-w7bw
vulnerability_id VCID-yr2r-ca9n-w7bw
summary A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash.
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11750
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11750
1
reference_url https://security.archlinux.org/ASA-201909-2
reference_id ASA-201909-2
reference_type
scores
url https://security.archlinux.org/ASA-201909-2
2
reference_url https://security.archlinux.org/AVG-1036
reference_id AVG-1036
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1036
3
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
reference_id mfsa2019-25
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-25
4
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
reference_id mfsa2019-26
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-26
fixed_packages
0
url pkg:alpm/archlinux/firefox@69.0-1
purl pkg:alpm/archlinux/firefox@69.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1
aliases CVE-2019-11750
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yr2r-ca9n-w7bw
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/firefox@69.0-1