Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community

Type apk

Namespace alpine

Name firefox-esr

Version 60.7.0-r0

Qualifiers

arch	armhf
distroversion	v3.19
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 60.7.1-r0

Latest_non_vulnerable_version 115.17.0-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2m6k-ur1p-xkdp

vulnerability_id VCID-2m6k-ur1p-xkdp

summary If a crafted hyperlink is dragged and dropped to the bookmark bar or sidebar and the resulting bookmark is subsequently dragged and dropped into the web content area, an arbitrary query of a user's browser history can be run and transmitted to the content page via drop event data. This allows for the theft of browser history by a malicious site.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11698.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11698.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11698

reference_id

reference_type

scores

value	0.00275
scoring_system	epss
scoring_elements	0.51168
published_at	2026-06-09T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.51133
published_at	2026-06-04T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.51195
published_at	2026-06-05T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.512
published_at	2026-06-06T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.51179
published_at	2026-06-07T12:55:00Z

value	0.00275
scoring_system	epss
scoring_elements	0.51149
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712621
reference_id	1712621
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712621

reference_url	https://security.archlinux.org/ASA-201905-8
reference_id	ASA-201905-8
reference_type
scores
url	https://security.archlinux.org/ASA-201905-8

reference_url	https://security.archlinux.org/ASA-201905-9
reference_id	ASA-201905-9
reference_type
scores
url	https://security.archlinux.org/ASA-201905-9

reference_url

https://security.archlinux.org/AVG-965

reference_id

AVG-965

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-965

reference_url

https://security.archlinux.org/AVG-966

reference_id

AVG-966

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-966

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-11698

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2m6k-ur1p-xkdp

url VCID-3scc-qaat-6fcu

vulnerability_id VCID-3scc-qaat-6fcu

summary A use-after-free vulnerability can occur when listeners are removed from the event listener manager while still in use, resulting in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11692.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11692.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11692

reference_id

reference_type

scores

value	0.00732
scoring_system	epss
scoring_elements	0.7309
published_at	2026-06-08T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.73078
published_at	2026-06-04T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.73115
published_at	2026-06-09T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.73121
published_at	2026-06-06T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.73103
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712618
reference_id	1712618
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712618

reference_url	https://security.archlinux.org/ASA-201905-8
reference_id	ASA-201905-8
reference_type
scores
url	https://security.archlinux.org/ASA-201905-8

reference_url	https://security.archlinux.org/ASA-201905-9
reference_id	ASA-201905-9
reference_type
scores
url	https://security.archlinux.org/ASA-201905-9

reference_url

https://security.archlinux.org/AVG-965

reference_id

AVG-965

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-965

reference_url

https://security.archlinux.org/AVG-966

reference_id

AVG-966

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-966

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-11692

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3scc-qaat-6fcu

url VCID-4m26-hb5s-xkc6

vulnerability_id VCID-4m26-hb5s-xkc6

summary Cross-origin images can be read from a canvas element in violation of the same-origin policy using the transferFromImageBitmap method.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18511.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18511.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-18511

reference_id

reference_type

scores

value	0.00813
scoring_system	epss
scoring_elements	0.74657
published_at	2026-06-09T12:55:00Z

value	0.00813
scoring_system	epss
scoring_elements	0.74631
published_at	2026-06-08T12:55:00Z

value	0.00813
scoring_system	epss
scoring_elements	0.74655
published_at	2026-06-05T12:55:00Z

value	0.00813
scoring_system	epss
scoring_elements	0.74624
published_at	2026-06-04T12:55:00Z

value	0.00813
scoring_system	epss
scoring_elements	0.74661
published_at	2026-06-06T12:55:00Z

value	0.00813
scoring_system	epss
scoring_elements	0.74648
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1676997
reference_id	1676997
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1676997

reference_url	https://security.archlinux.org/ASA-201902-16
reference_id	ASA-201902-16
reference_type
scores
url	https://security.archlinux.org/ASA-201902-16

reference_url

https://security.archlinux.org/AVG-896

reference_id

AVG-896

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-896

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-04

reference_id

mfsa2019-04

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-04

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

reference_url	https://usn.ubuntu.com/3896-1/
reference_id	USN-3896-1
reference_type
scores
url	https://usn.ubuntu.com/3896-1/

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2018-18511

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4m26-hb5s-xkc6

url VCID-bsqr-4yk1-bbau

vulnerability_id VCID-bsqr-4yk1-bbau

summary Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9797.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9797.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9797

reference_id

reference_type

scores

value	0.0041
scoring_system	epss
scoring_elements	0.61683
published_at	2026-06-09T12:55:00Z

value	0.0041
scoring_system	epss
scoring_elements	0.61665
published_at	2026-06-08T12:55:00Z

value	0.0041
scoring_system	epss
scoring_elements	0.61685
published_at	2026-06-05T12:55:00Z

value	0.0041
scoring_system	epss
scoring_elements	0.61637
published_at	2026-06-04T12:55:00Z

value	0.0041
scoring_system	epss
scoring_elements	0.61692
published_at	2026-06-06T12:55:00Z

value	0.0041
scoring_system	epss
scoring_elements	0.61681
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712622
reference_id	1712622
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712622

reference_url	https://security.archlinux.org/ASA-201903-11
reference_id	ASA-201903-11
reference_type
scores
url	https://security.archlinux.org/ASA-201903-11

reference_url

https://security.archlinux.org/AVG-925

reference_id

AVG-925

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-925

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_id

mfsa2019-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-07

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

reference_url	https://usn.ubuntu.com/3918-1/
reference_id	USN-3918-1
reference_type
scores
url	https://usn.ubuntu.com/3918-1/

reference_url	https://usn.ubuntu.com/3918-2/
reference_id	USN-3918-2
reference_type
scores
url	https://usn.ubuntu.com/3918-2/

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-9797

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bsqr-4yk1-bbau

url VCID-dace-wnut-j7g5

vulnerability_id VCID-dace-wnut-j7g5

summary A use-after-free vulnerability was discovered in the png_image_free function in the libpng library. This could lead to denial of service or a potentially exploitable crash when a malformed image is processed.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7317.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7317.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-7317

reference_id

reference_type

scores

value	0.00565
scoring_system	epss
scoring_elements	0.68796
published_at	2026-06-04T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68836
published_at	2026-06-07T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68821
published_at	2026-06-08T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68841
published_at	2026-06-09T12:55:00Z

value	0.00565
scoring_system	epss
scoring_elements	0.68844
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

http://www.securityfocus.com/bid/108098

reference_id

108098

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

http://www.securityfocus.com/bid/108098

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1672409
reference_id	1672409
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1672409

reference_url

https://github.com/glennrp/libpng/issues/275

reference_id

275

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://github.com/glennrp/libpng/issues/275

reference_url

https://seclists.org/bugtraq/2019/Apr/30

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://seclists.org/bugtraq/2019/Apr/30

reference_url

https://seclists.org/bugtraq/2019/Apr/36

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://seclists.org/bugtraq/2019/Apr/36

reference_url

https://usn.ubuntu.com/3962-1/

reference_id

3962-1

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://usn.ubuntu.com/3962-1/

reference_url

https://usn.ubuntu.com/3991-1/

reference_id

3991-1

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://usn.ubuntu.com/3991-1/

reference_url

https://usn.ubuntu.com/3997-1/

reference_id

3997-1

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://usn.ubuntu.com/3997-1/

reference_url

https://usn.ubuntu.com/4080-1/

reference_id

4080-1

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://usn.ubuntu.com/4080-1/

reference_url

https://usn.ubuntu.com/4083-1/

reference_id

4083-1

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://usn.ubuntu.com/4083-1/

reference_url

https://seclists.org/bugtraq/2019/May/56

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://seclists.org/bugtraq/2019/May/56

reference_url

https://seclists.org/bugtraq/2019/May/59

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://seclists.org/bugtraq/2019/May/59

reference_url

https://seclists.org/bugtraq/2019/May/67

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://seclists.org/bugtraq/2019/May/67

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921355
reference_id	921355
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921355

reference_url	https://security.archlinux.org/ASA-201904-10
reference_id	ASA-201904-10
reference_type
scores
url	https://security.archlinux.org/ASA-201904-10

reference_url	https://security.archlinux.org/ASA-201905-8
reference_id	ASA-201905-8
reference_type
scores
url	https://security.archlinux.org/ASA-201905-8

reference_url	https://security.archlinux.org/ASA-201905-9
reference_id	ASA-201905-9
reference_type
scores
url	https://security.archlinux.org/ASA-201905-9

reference_url

https://security.archlinux.org/AVG-868

reference_id

AVG-868

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-868

reference_url

https://security.archlinux.org/AVG-965

reference_id

AVG-965

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-965

reference_url

https://security.archlinux.org/AVG-966

reference_id

AVG-966

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-966

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-7317
reference_id	CVE-2019-7317
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-7317

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803

reference_id

detail?id=12803

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803

reference_url

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us

reference_id

display?docLocale=en_US&docId=emr_na-hpesbst03977en_us

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us

reference_url

https://www.debian.org/security/2019/dsa-4435

reference_id

dsa-4435

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://www.debian.org/security/2019/dsa-4435

reference_url

https://www.debian.org/security/2019/dsa-4448

reference_id

dsa-4448

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://www.debian.org/security/2019/dsa-4448

reference_url

https://www.debian.org/security/2019/dsa-4451

reference_id

dsa-4451

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://www.debian.org/security/2019/dsa-4451

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html

reference_id

msg00002.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html

reference_id

msg00029.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html

reference_url

https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html

reference_id

msg00032.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html

reference_url

https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html

reference_id

msg00038.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html

reference_id

msg00044.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html

reference_id

msg00084.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html

reference_url

https://security.netapp.com/advisory/ntap-20190719-0005/

reference_id

ntap-20190719-0005

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://security.netapp.com/advisory/ntap-20190719-0005/

reference_url

https://access.redhat.com/errata/RHSA-2019:1265

reference_id

RHSA-2019:1265

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:1265

reference_url

https://access.redhat.com/errata/RHSA-2019:1267

reference_id

RHSA-2019:1267

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:1267

reference_url

https://access.redhat.com/errata/RHSA-2019:1269

reference_id

RHSA-2019:1269

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:1269

reference_url

https://access.redhat.com/errata/RHSA-2019:1308

reference_id

RHSA-2019:1308

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:1308

reference_url

https://access.redhat.com/errata/RHSA-2019:1309

reference_id

RHSA-2019:1309

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:1309

reference_url

https://access.redhat.com/errata/RHSA-2019:1310

reference_id

RHSA-2019:1310

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:1310

reference_url

https://access.redhat.com/errata/RHSA-2019:2494

reference_id

RHSA-2019:2494

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:2494

reference_url

https://access.redhat.com/errata/RHSA-2019:2495

reference_id

RHSA-2019:2495

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:2495

reference_url

https://access.redhat.com/errata/RHSA-2019:2585

reference_id

RHSA-2019:2585

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:2585

reference_url

https://access.redhat.com/errata/RHSA-2019:2590

reference_id

RHSA-2019:2590

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:2590

reference_url

https://access.redhat.com/errata/RHSA-2019:2592

reference_id

RHSA-2019:2592

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:2592

reference_url

https://access.redhat.com/errata/RHSA-2019:2737

reference_id

RHSA-2019:2737

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

https://access.redhat.com/errata/RHSA-2019:2737

reference_url

http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html

reference_id

Slackware-Security-Advisory-libpng-Updates.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:24:04Z/

url

http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-7317

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dace-wnut-j7g5

url VCID-dmc3-emfj-dqck

vulnerability_id VCID-dmc3-emfj-dqck

summary If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. Apple has shipped macOS 10.14.5 with an option to disable hyperthreading in applications running untrusted code in a thread through a new sysctl. Firefox now makes use of it on the main thread and any worker threads. *Note: users need to update to macOS 10.14.5 in order to take advantage of this change.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9815

reference_id

reference_type

scores

value	0.00995
scoring_system	epss
scoring_elements	0.77321
published_at	2026-06-09T12:55:00Z

value	0.00995
scoring_system	epss
scoring_elements	0.7731
published_at	2026-06-07T12:55:00Z

value	0.00995
scoring_system	epss
scoring_elements	0.7732
published_at	2026-06-06T12:55:00Z

value	0.00995
scoring_system	epss
scoring_elements	0.77301
published_at	2026-06-08T12:55:00Z

value	0.00995
scoring_system	epss
scoring_elements	0.77281
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9815

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712624
reference_id	1712624
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712624

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-9815

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmc3-emfj-dqck

url VCID-kvzw-8f7a-t3b6

vulnerability_id VCID-kvzw-8f7a-t3b6

summary The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue only occurs on Linux. Other operating systems are unaffected.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11693.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11693.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11693

reference_id

reference_type

scores

value	0.0086
scoring_system	epss
scoring_elements	0.75432
published_at	2026-06-09T12:55:00Z

value	0.0086
scoring_system	epss
scoring_elements	0.75395
published_at	2026-06-04T12:55:00Z

value	0.0086
scoring_system	epss
scoring_elements	0.75425
published_at	2026-06-05T12:55:00Z

value	0.0086
scoring_system	epss
scoring_elements	0.75428
published_at	2026-06-06T12:55:00Z

value	0.0086
scoring_system	epss
scoring_elements	0.75419
published_at	2026-06-07T12:55:00Z

value	0.0086
scoring_system	epss
scoring_elements	0.75406
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712619
reference_id	1712619
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712619

reference_url	https://security.archlinux.org/ASA-201905-8
reference_id	ASA-201905-8
reference_type
scores
url	https://security.archlinux.org/ASA-201905-8

reference_url	https://security.archlinux.org/ASA-201905-9
reference_id	ASA-201905-9
reference_type
scores
url	https://security.archlinux.org/ASA-201905-9

reference_url

https://security.archlinux.org/AVG-965

reference_id

AVG-965

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-965

reference_url

https://security.archlinux.org/AVG-966

reference_id

AVG-966

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-966

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-11693

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kvzw-8f7a-t3b6

url VCID-mamz-qn64-67dy

vulnerability_id VCID-mamz-qn64-67dy

summary A use-after-free vulnerability can occur in the chrome event handler when it is freed while still in use. This results in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9820.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9820.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9820

reference_id

reference_type

scores

value	0.00786
scoring_system	epss
scoring_elements	0.74178
published_at	2026-06-08T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74171
published_at	2026-06-04T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74205
published_at	2026-06-09T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74209
published_at	2026-06-06T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74196
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9820

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712629
reference_id	1712629
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712629

reference_url	https://security.archlinux.org/ASA-201905-9
reference_id	ASA-201905-9
reference_type
scores
url	https://security.archlinux.org/ASA-201905-9

reference_url

https://security.archlinux.org/AVG-966

reference_id

AVG-966

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-966

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-9820

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mamz-qn64-67dy

url VCID-msbq-11je-jqg5

vulnerability_id VCID-msbq-11je-jqg5

summary A use-after-free vulnerability can occur when working with XMLHttpRequest (XHR) in an event loop, causing the XHR main thread to be called after it has been freed. This results in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11691.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11691.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11691

reference_id

reference_type

scores

value	0.00732
scoring_system	epss
scoring_elements	0.7309
published_at	2026-06-08T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.73078
published_at	2026-06-04T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.73115
published_at	2026-06-09T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.73121
published_at	2026-06-06T12:55:00Z

value	0.00732
scoring_system	epss
scoring_elements	0.73103
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712617
reference_id	1712617
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712617

reference_url	https://security.archlinux.org/ASA-201905-8
reference_id	ASA-201905-8
reference_type
scores
url	https://security.archlinux.org/ASA-201905-8

reference_url	https://security.archlinux.org/ASA-201905-9
reference_id	ASA-201905-9
reference_type
scores
url	https://security.archlinux.org/ASA-201905-9

reference_url

https://security.archlinux.org/AVG-965

reference_id

AVG-965

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-965

reference_url

https://security.archlinux.org/AVG-966

reference_id

AVG-966

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-966

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-11691

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-msbq-11je-jqg5

url VCID-q7gq-5cb3-9khq

vulnerability_id VCID-q7gq-5cb3-9khq

summary A possible vulnerability exists where type confusion can occur when manipulating JavaScript objects in object groups, allowing for the bypassing of security checks within these groups. *Note: this vulnerability has only been demonstrated with UnboxedObjects, which are disabled by default on all supported releases.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9816.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9816.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9816

reference_id

reference_type

scores

value	0.11045
scoring_system	epss
scoring_elements	0.93598
published_at	2026-06-09T12:55:00Z

value	0.11045
scoring_system	epss
scoring_elements	0.93582
published_at	2026-06-04T12:55:00Z

value	0.11045
scoring_system	epss
scoring_elements	0.93592
published_at	2026-06-05T12:55:00Z

value	0.11045
scoring_system	epss
scoring_elements	0.93593
published_at	2026-06-06T12:55:00Z

value	0.11045
scoring_system	epss
scoring_elements	0.93591
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712625
reference_id	1712625
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712625

reference_url	https://security.archlinux.org/ASA-201905-8
reference_id	ASA-201905-8
reference_type
scores
url	https://security.archlinux.org/ASA-201905-8

reference_url	https://security.archlinux.org/ASA-201905-9
reference_id	ASA-201905-9
reference_type
scores
url	https://security.archlinux.org/ASA-201905-9

reference_url

https://security.archlinux.org/AVG-965

reference_id

AVG-965

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-965

reference_url

https://security.archlinux.org/AVG-966

reference_id

AVG-966

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-966

reference_url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1808
reference_id	CVE-2019-9816
reference_type	exploit
scores
url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1808

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/46940.txt
reference_id	CVE-2019-9816
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/46940.txt

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-9816

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q7gq-5cb3-9khq

url VCID-rumu-a3np-f3fc

vulnerability_id VCID-rumu-a3np-f3fc

summary A vulnerability where a JavaScript compartment mismatch can occur while working with the fetch API, resulting in a potentially exploitable crash.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9819.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9819.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9819

reference_id

reference_type

scores

value	0.00786
scoring_system	epss
scoring_elements	0.74178
published_at	2026-06-08T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74171
published_at	2026-06-04T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74205
published_at	2026-06-09T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74209
published_at	2026-06-06T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74196
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712628
reference_id	1712628
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712628

reference_url	https://security.archlinux.org/ASA-201905-8
reference_id	ASA-201905-8
reference_type
scores
url	https://security.archlinux.org/ASA-201905-8

reference_url	https://security.archlinux.org/ASA-201905-9
reference_id	ASA-201905-9
reference_type
scores
url	https://security.archlinux.org/ASA-201905-9

reference_url

https://security.archlinux.org/AVG-965

reference_id

AVG-965

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-965

reference_url

https://security.archlinux.org/AVG-966

reference_id

AVG-966

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-966

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-9819

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rumu-a3np-f3fc

url VCID-ubs4-gjtn-zbcb

vulnerability_id VCID-ubs4-gjtn-zbcb

summary An out-of-bounds read can occur in the Skia library during path transformations. This could result in the exposure of data stored in memory.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5798.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5798.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-5798

reference_id

reference_type

scores

value	0.01218
scoring_system	epss
scoring_elements	0.79407
published_at	2026-06-09T12:55:00Z

value	0.01218
scoring_system	epss
scoring_elements	0.794
published_at	2026-06-05T12:55:00Z

value	0.01218
scoring_system	epss
scoring_elements	0.79405
published_at	2026-06-06T12:55:00Z

value	0.01218
scoring_system	epss
scoring_elements	0.79398
published_at	2026-06-07T12:55:00Z

value	0.01218
scoring_system	epss
scoring_elements	0.79388
published_at	2026-06-08T12:55:00Z

value	0.01218
scoring_system	epss
scoring_elements	0.79374
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5787
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5787

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5788
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5788

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5789
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5789

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5790
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5790

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5791
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5791

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5793
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5793

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5794
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5794

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5796
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5796

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5799

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5803
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5803

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5845
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5845

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5846
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5846

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1688200
reference_id	1688200
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1688200

reference_url	https://security.archlinux.org/ASA-201903-8
reference_id	ASA-201903-8
reference_type
scores
url	https://security.archlinux.org/ASA-201903-8

reference_url	https://security.archlinux.org/ASA-201905-8
reference_id	ASA-201905-8
reference_type
scores
url	https://security.archlinux.org/ASA-201905-8

reference_url

https://security.archlinux.org/AVG-923

reference_id

AVG-923

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-923

reference_url

https://security.archlinux.org/AVG-965

reference_id

AVG-965

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-965

reference_url	https://security.gentoo.org/glsa/201903-23
reference_id	GLSA-201903-23
reference_type
scores
url	https://security.gentoo.org/glsa/201903-23

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:0708
reference_id	RHSA-2019:0708
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0708

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-5798

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ubs4-gjtn-zbcb

url VCID-umy3-dhaa-tkd1

vulnerability_id VCID-umy3-dhaa-tkd1

summary A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. This results in the potential leaking of information stored at that memory location. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11694

reference_id

reference_type

scores

value	0.00309
scoring_system	epss
scoring_elements	0.54435
published_at	2026-06-09T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54414
published_at	2026-06-08T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54447
published_at	2026-06-06T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54381
published_at	2026-06-04T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54437
published_at	2026-06-07T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54438
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11694

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712620
reference_id	1712620
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712620

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-11694

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-umy3-dhaa-tkd1

url VCID-xzwh-qgu1-4bhz

vulnerability_id VCID-xzwh-qgu1-4bhz

summary A race condition is present in the crash generation server used to generate data for the crash reporter. This issue can lead to a use-after-free in the main process, resulting in a potentially exploitable crash and a sandbox escape. *Note: this vulnerability only affects Windows. Other operating systems are unaffected.*

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9818

reference_id

reference_type

scores

value	0.00351
scoring_system	epss
scoring_elements	0.57819
published_at	2026-06-09T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57802
published_at	2026-06-08T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57816
published_at	2026-06-07T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57767
published_at	2026-06-04T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57827
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9818

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712627
reference_id	1712627
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712627

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-9818

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xzwh-qgu1-4bhz

url VCID-yhen-6hyd-3ug8

vulnerability_id VCID-yhen-6hyd-3ug8

summary Mozilla developers and community members Olli Pettay, Bogdan Tara, Jan de Mooij, Jason Kratzer, Jan Varga, Gary Kwong, Tim Guan-tin Chien, Tyson Smith, Ronald Crane, and Ted Campbell reported memory safety bugs present in Firefox 66 and Firefox ESR 60.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9800.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9800.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9800

reference_id

reference_type

scores

value	0.00786
scoring_system	epss
scoring_elements	0.74178
published_at	2026-06-08T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74171
published_at	2026-06-04T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74205
published_at	2026-06-09T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74209
published_at	2026-06-06T12:55:00Z

value	0.00786
scoring_system	epss
scoring_elements	0.74196
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712623
reference_id	1712623
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712623

reference_url	https://security.archlinux.org/ASA-201905-8
reference_id	ASA-201905-8
reference_type
scores
url	https://security.archlinux.org/ASA-201905-8

reference_url	https://security.archlinux.org/ASA-201905-9
reference_id	ASA-201905-9
reference_type
scores
url	https://security.archlinux.org/ASA-201905-9

reference_url

https://security.archlinux.org/AVG-965

reference_id

AVG-965

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-965

reference_url

https://security.archlinux.org/AVG-966

reference_id

AVG-966

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-966

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-9800

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yhen-6hyd-3ug8

url VCID-znh5-2s68-skb7

vulnerability_id VCID-znh5-2s68-skb7

summary Images from a different domain can be read using a canvas object in some circumstances. This could be used to steal image data from a different site in violation of same-origin policy.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9817.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9817.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9817

reference_id

reference_type

scores

value	0.00138
scoring_system	epss
scoring_elements	0.33645
published_at	2026-06-09T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33576
published_at	2026-06-04T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33677
published_at	2026-06-05T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33691
published_at	2026-06-06T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33657
published_at	2026-06-07T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33623
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18511

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5798

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7317

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9800

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9817

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9820

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1712626
reference_id	1712626
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1712626

reference_url	https://security.archlinux.org/ASA-201905-8
reference_id	ASA-201905-8
reference_type
scores
url	https://security.archlinux.org/ASA-201905-8

reference_url	https://security.archlinux.org/ASA-201905-9
reference_id	ASA-201905-9
reference_type
scores
url	https://security.archlinux.org/ASA-201905-9

reference_url

https://security.archlinux.org/AVG-965

reference_id

AVG-965

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-965

reference_url

https://security.archlinux.org/AVG-966

reference_id

AVG-966

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-966

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_id

mfsa2019-13

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_id

mfsa2019-14

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-14

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_id

mfsa2019-15

reference_type

scores

value	high
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2019-15

reference_url	https://access.redhat.com/errata/RHSA-2019:1265
reference_id	RHSA-2019:1265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1265

reference_url	https://access.redhat.com/errata/RHSA-2019:1267
reference_id	RHSA-2019:1267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1267

reference_url	https://access.redhat.com/errata/RHSA-2019:1269
reference_id	RHSA-2019:1269
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1269

reference_url	https://access.redhat.com/errata/RHSA-2019:1308
reference_id	RHSA-2019:1308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1308

reference_url	https://access.redhat.com/errata/RHSA-2019:1309
reference_id	RHSA-2019:1309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1309

reference_url	https://access.redhat.com/errata/RHSA-2019:1310
reference_id	RHSA-2019:1310
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1310

fixed_packages

url	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/firefox-esr@60.7.0-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

aliases CVE-2019-9817

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-znh5-2s68-skb7

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/firefox-esr@60.7.0-r0%3Farch=armhf&distroversion=v3.19&reponame=community

Package Instance