VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	6.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11762.json
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
epss	0.00405	https://api.first.org/data/v1/epss?cve=CVE-2019-11762
cvssv2	5.8	https://nvd.nist.gov/vuln/detail/CVE-2019-11762
cvssv3.1	6.1	https://nvd.nist.gov/vuln/detail/CVE-2019-11762
archlinux	Critical	https://security.archlinux.org/AVG-1054
archlinux	Critical	https://security.archlinux.org/AVG-1055
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

System

Score

Found at

cvssv3

6.1

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11762.json

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

epss

0.00405

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

cvssv2

5.8

https://nvd.nist.gov/vuln/detail/CVE-2019-11762

cvssv3.1

6.1

https://nvd.nist.gov/vuln/detail/CVE-2019-11762

archlinux

Critical

https://security.archlinux.org/AVG-1054

archlinux

Critical

https://security.archlinux.org/AVG-1055

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11762.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-11762
		https://bugzilla.mozilla.org/show_bug.cgi?id=1582857
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
		https://security.gentoo.org/glsa/202003-10
		https://www.mozilla.org/security/advisories/mfsa2019-33/
		https://www.mozilla.org/security/advisories/mfsa2019-35/
1764443		https://bugzilla.redhat.com/show_bug.cgi?id=1764443
ASA-201910-15		https://security.archlinux.org/ASA-201910-15
ASA-201910-16		https://security.archlinux.org/ASA-201910-16
AVG-1054		https://security.archlinux.org/AVG-1054
AVG-1055		https://security.archlinux.org/AVG-1055
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
CVE-2019-11762		https://nvd.nist.gov/vuln/detail/CVE-2019-11762
mfsa2019-33		https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
mfsa2019-34		https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
mfsa2019-35		https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
RHSA-2019:3193		https://access.redhat.com/errata/RHSA-2019:3193
RHSA-2019:3196		https://access.redhat.com/errata/RHSA-2019:3196
RHSA-2019:3210		https://access.redhat.com/errata/RHSA-2019:3210
RHSA-2019:3237		https://access.redhat.com/errata/RHSA-2019:3237
RHSA-2019:3281		https://access.redhat.com/errata/RHSA-2019:3281
RHSA-2019:3756		https://access.redhat.com/errata/RHSA-2019:3756
USN-4165-1		https://usn.ubuntu.com/4165-1/
USN-4202-1		https://usn.ubuntu.com/4202-1/
USN-4335-1		https://usn.ubuntu.com/4335-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11762.json

https://api.first.org/data/v1/epss?cve=CVE-2019-11762

https://bugzilla.mozilla.org/show_bug.cgi?id=1582857

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903

https://security.gentoo.org/glsa/202003-10

https://www.mozilla.org/security/advisories/mfsa2019-33/

https://www.mozilla.org/security/advisories/mfsa2019-35/

1764443

https://bugzilla.redhat.com/show_bug.cgi?id=1764443

ASA-201910-15

https://security.archlinux.org/ASA-201910-15

ASA-201910-16

https://security.archlinux.org/ASA-201910-16

AVG-1054

https://security.archlinux.org/AVG-1054

AVG-1055

https://security.archlinux.org/AVG-1055

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

CVE-2019-11762

https://nvd.nist.gov/vuln/detail/CVE-2019-11762

mfsa2019-33

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

mfsa2019-34

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

mfsa2019-35

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

RHSA-2019:3193

https://access.redhat.com/errata/RHSA-2019:3193

RHSA-2019:3196

https://access.redhat.com/errata/RHSA-2019:3196

RHSA-2019:3210

https://access.redhat.com/errata/RHSA-2019:3210

RHSA-2019:3237

https://access.redhat.com/errata/RHSA-2019:3237

RHSA-2019:3281

https://access.redhat.com/errata/RHSA-2019:3281

RHSA-2019:3756

https://access.redhat.com/errata/RHSA-2019:3756

USN-4165-1

https://usn.ubuntu.com/4165-1/

USN-4202-1

https://usn.ubuntu.com/4202-1/

USN-4335-1

https://usn.ubuntu.com/4335-1/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:09:57.543518+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2019/mfsa2019-33.yml	37.0.0

2025-07-31T08:09:57.543518+00:00

Mozilla Importer

Import

https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2019/mfsa2019-33.yml

37.0.0

Vulnerability ID	VCID-jzps-brkp-g3e3
Aliases	CVE-2019-11762
Summary	If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

CWE-346	Origin Validation Error
CWE-829	Inclusion of Functionality from Untrusted Control Sphere

Percentile	0.60202
EPSS Score	0.00405
Published At	July 30, 2025, 12:55 p.m.