Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-javq-3r82-73fq
Vulnerability ID VCID-javq-3r82-73fq
Aliases CVE-2019-17022
Summary Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
System Score Found at
cvssv3 6.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17022.json
epss 0.04633 https://api.first.org/data/v1/epss?cve=CVE-2019-17022
epss 0.04633 https://api.first.org/data/v1/epss?cve=CVE-2019-17022
epss 0.04633 https://api.first.org/data/v1/epss?cve=CVE-2019-17022
epss 0.04633 https://api.first.org/data/v1/epss?cve=CVE-2019-17022
epss 0.04633 https://api.first.org/data/v1/epss?cve=CVE-2019-17022
epss 0.04633 https://api.first.org/data/v1/epss?cve=CVE-2019-17022
epss 0.04633 https://api.first.org/data/v1/epss?cve=CVE-2019-17022
epss 0.04633 https://api.first.org/data/v1/epss?cve=CVE-2019-17022
epss 0.04633 https://api.first.org/data/v1/epss?cve=CVE-2019-17022
archlinux Critical https://security.archlinux.org/AVG-1084
archlinux Critical https://security.archlinux.org/AVG-1086
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2020-02
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2020-04
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17022.json
https://api.first.org/data/v1/epss?cve=CVE-2019-17022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17024
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17026
1788726 https://bugzilla.redhat.com/show_bug.cgi?id=1788726
ASA-202001-1 https://security.archlinux.org/ASA-202001-1
ASA-202001-4 https://security.archlinux.org/ASA-202001-4
AVG-1084 https://security.archlinux.org/AVG-1084
AVG-1086 https://security.archlinux.org/AVG-1086
GLSA-202003-02 https://security.gentoo.org/glsa/202003-02
mfsa2020-01 https://www.mozilla.org/en-US/security/advisories/mfsa2020-01
mfsa2020-02 https://www.mozilla.org/en-US/security/advisories/mfsa2020-02
mfsa2020-04 https://www.mozilla.org/en-US/security/advisories/mfsa2020-04
RHSA-2020:0085 https://access.redhat.com/errata/RHSA-2020:0085
RHSA-2020:0086 https://access.redhat.com/errata/RHSA-2020:0086
RHSA-2020:0111 https://access.redhat.com/errata/RHSA-2020:0111
RHSA-2020:0120 https://access.redhat.com/errata/RHSA-2020:0120
RHSA-2020:0123 https://access.redhat.com/errata/RHSA-2020:0123
RHSA-2020:0127 https://access.redhat.com/errata/RHSA-2020:0127
RHSA-2020:0292 https://access.redhat.com/errata/RHSA-2020:0292
RHSA-2020:0295 https://access.redhat.com/errata/RHSA-2020:0295
USN-4234-1 https://usn.ubuntu.com/4234-1/
USN-4241-1 https://usn.ubuntu.com/4241-1/
USN-4335-1 https://usn.ubuntu.com/4335-1/
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17022.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.89236
EPSS Score 0.04633
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:04:36.680051+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/202003-02 38.0.0