VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11757.json
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
epss	0.01784	https://api.first.org/data/v1/epss?cve=CVE-2019-11757
cvssv2	6.8	https://nvd.nist.gov/vuln/detail/CVE-2019-11757
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2019-11757
archlinux	Critical	https://security.archlinux.org/AVG-1054
archlinux	Critical	https://security.archlinux.org/AVG-1055
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

System

Score

Found at

cvssv3

8.8

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11757.json

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

epss

0.01784

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

cvssv2

6.8

https://nvd.nist.gov/vuln/detail/CVE-2019-11757

cvssv3.1

8.8

https://nvd.nist.gov/vuln/detail/CVE-2019-11757

archlinux

Critical

https://security.archlinux.org/AVG-1054

archlinux

Critical

https://security.archlinux.org/AVG-1055

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11757.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-11757
		https://bugzilla.mozilla.org/show_bug.cgi?id=1577107
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
		https://security.gentoo.org/glsa/202003-10
		https://www.mozilla.org/security/advisories/mfsa2019-33/
		https://www.mozilla.org/security/advisories/mfsa2019-35/
1764438		https://bugzilla.redhat.com/show_bug.cgi?id=1764438
ASA-201910-15		https://security.archlinux.org/ASA-201910-15
ASA-201910-16		https://security.archlinux.org/ASA-201910-16
AVG-1054		https://security.archlinux.org/AVG-1054
AVG-1055		https://security.archlinux.org/AVG-1055
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
CVE-2019-11757		https://nvd.nist.gov/vuln/detail/CVE-2019-11757
mfsa2019-33		https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
mfsa2019-34		https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
mfsa2019-35		https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
RHSA-2019:3193		https://access.redhat.com/errata/RHSA-2019:3193
RHSA-2019:3196		https://access.redhat.com/errata/RHSA-2019:3196
RHSA-2019:3210		https://access.redhat.com/errata/RHSA-2019:3210
RHSA-2019:3237		https://access.redhat.com/errata/RHSA-2019:3237
RHSA-2019:3281		https://access.redhat.com/errata/RHSA-2019:3281
RHSA-2019:3756		https://access.redhat.com/errata/RHSA-2019:3756
USN-4165-1		https://usn.ubuntu.com/4165-1/
USN-4202-1		https://usn.ubuntu.com/4202-1/
USN-4335-1		https://usn.ubuntu.com/4335-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11757.json

https://api.first.org/data/v1/epss?cve=CVE-2019-11757

https://bugzilla.mozilla.org/show_bug.cgi?id=1577107

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903

https://security.gentoo.org/glsa/202003-10

https://www.mozilla.org/security/advisories/mfsa2019-33/

https://www.mozilla.org/security/advisories/mfsa2019-35/

1764438

https://bugzilla.redhat.com/show_bug.cgi?id=1764438

ASA-201910-15

https://security.archlinux.org/ASA-201910-15

ASA-201910-16

https://security.archlinux.org/ASA-201910-16

AVG-1054

https://security.archlinux.org/AVG-1054

AVG-1055

https://security.archlinux.org/AVG-1055

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

CVE-2019-11757

https://nvd.nist.gov/vuln/detail/CVE-2019-11757

mfsa2019-33

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

mfsa2019-34

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

mfsa2019-35

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

RHSA-2019:3193

https://access.redhat.com/errata/RHSA-2019:3193

RHSA-2019:3196

https://access.redhat.com/errata/RHSA-2019:3196

RHSA-2019:3210

https://access.redhat.com/errata/RHSA-2019:3210

RHSA-2019:3237

https://access.redhat.com/errata/RHSA-2019:3237

RHSA-2019:3281

https://access.redhat.com/errata/RHSA-2019:3281

RHSA-2019:3756

https://access.redhat.com/errata/RHSA-2019:3756

USN-4165-1

https://usn.ubuntu.com/4165-1/

USN-4202-1

https://usn.ubuntu.com/4202-1/

USN-4335-1

https://usn.ubuntu.com/4335-1/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:09:57.445613+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2019/mfsa2019-33.yml	37.0.0

2025-07-31T08:09:57.445613+00:00

Mozilla Importer

Import

https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2019/mfsa2019-33.yml

37.0.0

Vulnerability ID	VCID-1859-7qcq-mubu
Aliases	CVE-2019-11757
Summary	When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

Percentile	0.81935
EPSS Score	0.01784
Published At	Aug. 13, 2025, 12:55 p.m.