{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","type":"deb","namespace":"debian","name":"firefox","version":"69.0-1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"69.0.1-1","latest_non_vulnerable_version":"150.0.1-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63378?format=json","vulnerability_id":"VCID-1pvk-yzup-wfbc","summary":"An out-of-bounds read vulnerability exists in the Skia graphics library, allowing for the possible leaking of data from memory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5849.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5849.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5849","reference_id":"","reference_type":"","scores":[{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65305","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65441","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65431","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65417","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65433","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65445","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65353","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65379","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65343","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65396","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65407","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65425","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65412","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65384","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65421","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5849"},{"reference_url":"https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html","reference_id":"","reference_type":"","scores":[],"url":"https://chromereleases.googleblog.com/2019/06/stable-channel-update-for-desktop.html"},{"reference_url":"https://crbug.com/954891","reference_id":"","reference_type":"","scores":[],"url":"https://crbug.com/954891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748674","reference_id":"1748674","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748674"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5849","reference_id":"CVE-2019-5849","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5849"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-5849"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1pvk-yzup-wfbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63366?format=json","vulnerability_id":"VCID-4seg-6hwv-3qaw","summary":"The \"Forget about this site\" feature in the History pane is intended to remove all saved user data that indicates a user has visited a site. This includes removing any HTTP Strict Transport Security (HSTS) settings received from sites that use it. Due to a bug, sites on the pre-load list also have their HSTS setting removed. On the next visit to that site if the user specifies an http: URL rather than secure https: they will not be protected by the pre-loaded HSTS setting. After that visit the site's HSTS setting will be restored.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11747.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11747.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11747","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57595","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57635","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57665","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.5766","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57639","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57597","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57616","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57523","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57607","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57628","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57604","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57657","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57661","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57676","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57655","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11747"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1564481","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1564481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11747"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748664","reference_id":"1748664","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748664"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11747","reference_id":"CVE-2019-11747","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11747"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11747"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4seg-6hwv-3qaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63377?format=json","vulnerability_id":"VCID-63t8-2rm7-5ya6","summary":"A compromised sandboxed content process can perform a Universal Cross-site Scripting (UXSS) attack on content from any site it can cause to be loaded in the same process. Because addons.mozilla.org and accounts.firefox.com have close ties to the Firefox product, malicious manipulation of these sites within the browser can potentially be used to modify a user's Firefox configuration. These two sites will now be isolated into their own process and not allowed to be loaded in a standard content process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11741.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11741.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11741","reference_id":"","reference_type":"","scores":[{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47556","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47562","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47681","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47673","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47626","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47606","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47595","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47616","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47565","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47619","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47615","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47639","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47614","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47623","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11741"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1539595","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1539595"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748673","reference_id":"1748673","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748673"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11741","reference_id":"CVE-2019-11741","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11741"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11741"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-63t8-2rm7-5ya6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63367?format=json","vulnerability_id":"VCID-6z7n-s34h-nbed","summary":"Mozilla developers and community members Mikhail Gavrilov, Tyson Smith, Marcia Knous, Tom Ritter, Philipp, and Bob Owens reported memory safety bugs present in Firefox 68 and Firefox ESR 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11735.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11735.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11735","reference_id":"","reference_type":"","scores":[{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64046","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64011","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63981","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64016","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64028","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64035","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64048","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63899","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63958","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63985","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63945","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.63995","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64013","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64024","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11735"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1561404%2C1561484%2C1568047%2C1561912%2C1565744%2C1568858%2C1570358","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1561404%2C1561484%2C1568047%2C1561912%2C1565744%2C1568858%2C1570358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11735"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748661","reference_id":"1748661","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748661"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11735","reference_id":"CVE-2019-11735","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11735"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11735"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6z7n-s34h-nbed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41640?format=json","vulnerability_id":"VCID-ccbk-bcjn-9ygr","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11740.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11740.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11740","reference_id":"","reference_type":"","scores":[{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81204","published_at":"2026-04-29T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81136","published_at":"2026-04-09T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81153","published_at":"2026-04-11T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.8114","published_at":"2026-04-12T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81133","published_at":"2026-04-13T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.8117","published_at":"2026-04-16T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81172","published_at":"2026-04-18T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81169","published_at":"2026-04-21T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81192","published_at":"2026-04-24T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81199","published_at":"2026-04-26T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81069","published_at":"2026-04-01T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81078","published_at":"2026-04-02T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.015","scoring_system":"epss","scoring_elements":"0.81129","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11740"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1563133%2C1573160","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1563133%2C1573160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-27/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-27/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-29/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-29/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-30/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-30/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748652","reference_id":"1748652","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748652"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11740","reference_id":"CVE-2019-11740","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11740"},{"reference_url":"https://security.gentoo.org/glsa/201911-07","reference_id":"GLSA-201911-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201911-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27","reference_id":"mfsa2019-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29","reference_id":"mfsa2019-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30","reference_id":"mfsa2019-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2694","reference_id":"RHSA-2019:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2729","reference_id":"RHSA-2019:2729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2773","reference_id":"RHSA-2019:2773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2774","reference_id":"RHSA-2019:2774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2807","reference_id":"RHSA-2019:2807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2807"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"},{"reference_url":"https://usn.ubuntu.com/4150-1/","reference_id":"USN-4150-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4150-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11740"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ccbk-bcjn-9ygr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63362?format=json","vulnerability_id":"VCID-cupx-f8h2-dbfw","summary":"WebRTC in Firefox will honor persisted permissions given to sites for access to microphone and camera resources even when in a third-party context. In light of recent high profile vulnerabilities in other software, a decision was made to no longer persist these permissions. This avoids the possibility of trusted WebRTC resources being invisibly embedded in web content and abusing permissions previously given by users. Users will now be prompted for permissions on each use.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11748.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11748.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11748","reference_id":"","reference_type":"","scores":[{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53298","published_at":"2026-04-29T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53328","published_at":"2026-04-13T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53365","published_at":"2026-04-16T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53371","published_at":"2026-04-18T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53351","published_at":"2026-04-21T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53323","published_at":"2026-04-24T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53335","published_at":"2026-04-26T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53244","published_at":"2026-04-01T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53268","published_at":"2026-04-02T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53294","published_at":"2026-04-04T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53263","published_at":"2026-04-07T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53315","published_at":"2026-04-08T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.5331","published_at":"2026-04-09T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.5336","published_at":"2026-04-11T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53344","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11748"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1564588","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1564588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11748","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11748"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748665","reference_id":"1748665","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748665"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11748","reference_id":"CVE-2019-11748","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11748"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11748"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cupx-f8h2-dbfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63365?format=json","vulnerability_id":"VCID-fr2x-ad9j-jyej","summary":"If a Content Security Policy (CSP) directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11738.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11738.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11738","reference_id":"","reference_type":"","scores":[{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69135","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.6907","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69041","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.6908","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69089","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.6912","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69128","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.68976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.68994","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69014","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69044","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69063","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69085","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11738"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1452037","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1452037"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11738"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748663","reference_id":"1748663","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748663"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11738","reference_id":"CVE-2019-11738","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11738"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11738"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fr2x-ad9j-jyej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41649?format=json","vulnerability_id":"VCID-hpnv-s73g-8yhp","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9812.json","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9812.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9812","reference_id":"","reference_type":"","scores":[{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60437","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.60435","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00396","scoring_system":"epss","scoring_elements":"0.6045","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66827","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66742","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66848","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66816","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66849","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66863","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66846","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.6678","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66806","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66841","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.66861","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748660","reference_id":"1748660","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748660"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://security.gentoo.org/glsa/201911-07","reference_id":"GLSA-201911-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201911-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27","reference_id":"mfsa2019-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2694","reference_id":"RHSA-2019:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2729","reference_id":"RHSA-2019:2729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2729"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-9812"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hpnv-s73g-8yhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63379?format=json","vulnerability_id":"VCID-jzd1-xa3x-c7dm","summary":"If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11737.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11737.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11737","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32865","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32507","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.3289","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32855","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32707","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32593","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32996","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.33031","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32854","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32901","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32932","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32935","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32897","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32872","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32912","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11737"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1388015","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1388015"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748675","reference_id":"1748675","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748675"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11737","reference_id":"CVE-2019-11737","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11737"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11737"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jzd1-xa3x-c7dm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63363?format=json","vulnerability_id":"VCID-pt8y-85gt-8kge","summary":"A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11749.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11749","reference_id":"","reference_type":"","scores":[{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58822","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58824","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.5883","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58848","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58811","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58843","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58807","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58707","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58781","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58803","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58772","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11749"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1565374","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1565374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11749"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748666","reference_id":"1748666","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748666"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11749","reference_id":"CVE-2019-11749","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11749"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11749"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pt8y-85gt-8kge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63380?format=json","vulnerability_id":"VCID-qx6h-9sx4-wqdp","summary":"Mozilla developers and community members Randell Jesup, Philipp, Cosmin Sabou, and Natalia Csoregi reported memory safety bugs present in Firefox 68. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11734.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11734.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11734","reference_id":"","reference_type":"","scores":[{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62705","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62872","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62856","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62837","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62857","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62873","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62762","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62792","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62756","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62808","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62824","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62842","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62831","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62849","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11734"},{"reference_url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1352875%2C1536227%2C1557208%2C1560641","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/buglist.cgi?bug_id=1352875%2C1536227%2C1557208%2C1560641"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748676","reference_id":"1748676","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748676"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11734","reference_id":"CVE-2019-11734","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11734"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11734"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qx6h-9sx4-wqdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41642?format=json","vulnerability_id":"VCID-s326-zdyp-67ev","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11742.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11742.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11742","reference_id":"","reference_type":"","scores":[{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67284","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67238","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67252","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67272","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67258","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67223","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.6727","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67251","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67271","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67282","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.6715","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67187","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67211","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11742"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1559715","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1559715"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-27/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-27/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-29/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-29/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-30/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-30/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748653","reference_id":"1748653","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748653"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11742","reference_id":"CVE-2019-11742","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11742"},{"reference_url":"https://security.gentoo.org/glsa/201911-07","reference_id":"GLSA-201911-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201911-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27","reference_id":"mfsa2019-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29","reference_id":"mfsa2019-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30","reference_id":"mfsa2019-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2694","reference_id":"RHSA-2019:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2729","reference_id":"RHSA-2019:2729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2773","reference_id":"RHSA-2019:2773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2774","reference_id":"RHSA-2019:2774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2807","reference_id":"RHSA-2019:2807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2807"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"},{"reference_url":"https://usn.ubuntu.com/4150-1/","reference_id":"USN-4150-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4150-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11742"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s326-zdyp-67ev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41645?format=json","vulnerability_id":"VCID-scqu-uppe-w3h3","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11744.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11744.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11744","reference_id":"","reference_type":"","scores":[{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71191","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71096","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71119","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71105","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71088","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71134","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71142","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71121","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71179","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71187","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.7104","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71049","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71066","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71041","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71084","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11744"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1562033","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1562033"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-27/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-27/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-29/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-29/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-30/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-30/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748655","reference_id":"1748655","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748655"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11744","reference_id":"CVE-2019-11744","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11744"},{"reference_url":"https://security.gentoo.org/glsa/201911-07","reference_id":"GLSA-201911-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201911-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27","reference_id":"mfsa2019-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29","reference_id":"mfsa2019-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30","reference_id":"mfsa2019-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2694","reference_id":"RHSA-2019:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2729","reference_id":"RHSA-2019:2729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2773","reference_id":"RHSA-2019:2773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2774","reference_id":"RHSA-2019:2774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2807","reference_id":"RHSA-2019:2807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2807"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"},{"reference_url":"https://usn.ubuntu.com/4150-1/","reference_id":"USN-4150-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4150-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11744"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scqu-uppe-w3h3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41646?format=json","vulnerability_id":"VCID-tfa3-jx19-h7bz","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11746.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11746.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11746","reference_id":"","reference_type":"","scores":[{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70956","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70869","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70892","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70876","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70861","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70907","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70913","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70893","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70947","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70957","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70802","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70816","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70835","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.7081","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00651","scoring_system":"epss","scoring_elements":"0.70853","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11746"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1564449","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1564449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-27/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-27/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-29/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-29/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-30/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-30/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748656","reference_id":"1748656","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748656"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11746","reference_id":"CVE-2019-11746","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11746"},{"reference_url":"https://security.gentoo.org/glsa/201911-07","reference_id":"GLSA-201911-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201911-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27","reference_id":"mfsa2019-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29","reference_id":"mfsa2019-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30","reference_id":"mfsa2019-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2694","reference_id":"RHSA-2019:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2729","reference_id":"RHSA-2019:2729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2773","reference_id":"RHSA-2019:2773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2774","reference_id":"RHSA-2019:2774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2807","reference_id":"RHSA-2019:2807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2807"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"},{"reference_url":"https://usn.ubuntu.com/4150-1/","reference_id":"USN-4150-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4150-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11746"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tfa3-jx19-h7bz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41647?format=json","vulnerability_id":"VCID-tjkj-zeeh-xqcy","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11752.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11752.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11752","reference_id":"","reference_type":"","scores":[{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75661","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75583","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75608","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75588","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75582","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75619","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75623","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75607","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75645","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.7565","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75518","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.7552","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.7555","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.7553","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75572","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11752"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1501152","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1501152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-27/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-27/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-29/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-29/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-30/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-30/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748657","reference_id":"1748657","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748657"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11752","reference_id":"CVE-2019-11752","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11752"},{"reference_url":"https://security.gentoo.org/glsa/201911-07","reference_id":"GLSA-201911-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201911-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27","reference_id":"mfsa2019-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29","reference_id":"mfsa2019-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30","reference_id":"mfsa2019-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2694","reference_id":"RHSA-2019:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2729","reference_id":"RHSA-2019:2729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2773","reference_id":"RHSA-2019:2773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2774","reference_id":"RHSA-2019:2774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2807","reference_id":"RHSA-2019:2807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2807"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"},{"reference_url":"https://usn.ubuntu.com/4150-1/","reference_id":"USN-4150-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4150-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11752"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tjkj-zeeh-xqcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63364?format=json","vulnerability_id":"VCID-wd3w-em5q-y7cj","summary":"A type confusion vulnerability exists in Spidermonkey, which results in a non-exploitable crash.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11750.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11750.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11750","reference_id":"","reference_type":"","scores":[{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59175","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59211","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59216","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59195","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59178","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59198","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59067","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59141","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59164","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59129","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59179","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59192","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59212","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59194","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11750"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1568397","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1568397"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11750"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748667","reference_id":"1748667","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748667"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11750","reference_id":"CVE-2019-11750","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11750"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11750"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wd3w-em5q-y7cj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41644?format=json","vulnerability_id":"VCID-xt5q-bfq6-73bn","summary":"Multiple vulnerabilities have been found in Mozilla Firefox, the\n    worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11743.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11743.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11743","reference_id":"","reference_type":"","scores":[{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76951","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76856","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76885","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76865","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76859","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76903","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76907","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.769","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76931","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76939","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76801","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76805","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76814","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76846","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11743"},{"reference_url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1560495","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1560495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11742"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11743"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11752"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9812"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://w3c.github.io/navigation-timing","reference_id":"","reference_type":"","scores":[],"url":"https://w3c.github.io/navigation-timing"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-25/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-26/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-26/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-27/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-27/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-29/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-29/"},{"reference_url":"https://www.mozilla.org/security/advisories/mfsa2019-30/","reference_id":"","reference_type":"","scores":[],"url":"https://www.mozilla.org/security/advisories/mfsa2019-30/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748654","reference_id":"1748654","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748654"},{"reference_url":"https://security.archlinux.org/ASA-201909-2","reference_id":"ASA-201909-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-2"},{"reference_url":"https://security.archlinux.org/AVG-1036","reference_id":"AVG-1036","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1036"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11743","reference_id":"CVE-2019-11743","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11743"},{"reference_url":"https://security.gentoo.org/glsa/201911-07","reference_id":"GLSA-201911-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201911-07"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25","reference_id":"mfsa2019-25","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-25"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26","reference_id":"mfsa2019-26","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-26"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27","reference_id":"mfsa2019-27","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-27"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29","reference_id":"mfsa2019-29","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-29"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30","reference_id":"mfsa2019-30","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2019-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2663","reference_id":"RHSA-2019:2663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2694","reference_id":"RHSA-2019:2694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2729","reference_id":"RHSA-2019:2729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2773","reference_id":"RHSA-2019:2773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2774","reference_id":"RHSA-2019:2774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2807","reference_id":"RHSA-2019:2807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2807"},{"reference_url":"https://usn.ubuntu.com/4122-1/","reference_id":"USN-4122-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4122-1/"},{"reference_url":"https://usn.ubuntu.com/4150-1/","reference_id":"USN-4150-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4150-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582946?format=json","purl":"pkg:deb/debian/firefox@69.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/582059?format=json","purl":"pkg:deb/debian/firefox@149.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059611?format=json","purl":"pkg:deb/debian/firefox@149.0.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@149.0.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1076056?format=json","purl":"pkg:deb/debian/firefox@150.0-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088670?format=json","purl":"pkg:deb/debian/firefox@150.0.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@150.0.1-1%3Fdistro=sid"}],"aliases":["CVE-2019-11743"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xt5q-bfq6-73bn"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/firefox@69.0-1%3Fdistro=sid"}