VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11759.json
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
epss	0.03345	https://api.first.org/data/v1/epss?cve=CVE-2019-11759
cvssv2	6.8	https://nvd.nist.gov/vuln/detail/CVE-2019-11759
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2019-11759
archlinux	Critical	https://security.archlinux.org/AVG-1054
archlinux	Critical	https://security.archlinux.org/AVG-1055
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

System

Score

Found at

cvssv3

8.8

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11759.json

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

epss

0.03345

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

cvssv2

6.8

https://nvd.nist.gov/vuln/detail/CVE-2019-11759

cvssv3.1

8.8

https://nvd.nist.gov/vuln/detail/CVE-2019-11759

archlinux

Critical

https://security.archlinux.org/AVG-1054

archlinux

Critical

https://security.archlinux.org/AVG-1055

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11759.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-11759
		https://bugzilla.mozilla.org/show_bug.cgi?id=1577953
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
		https://security.gentoo.org/glsa/202003-10
		https://www.mozilla.org/security/advisories/mfsa2019-33/
		https://www.mozilla.org/security/advisories/mfsa2019-35/
1764440		https://bugzilla.redhat.com/show_bug.cgi?id=1764440
ASA-201910-15		https://security.archlinux.org/ASA-201910-15
ASA-201910-16		https://security.archlinux.org/ASA-201910-16
AVG-1054		https://security.archlinux.org/AVG-1054
AVG-1055		https://security.archlinux.org/AVG-1055
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
CVE-2019-11759		https://nvd.nist.gov/vuln/detail/CVE-2019-11759
mfsa2019-33		https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
mfsa2019-34		https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
mfsa2019-35		https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
RHSA-2019:3193		https://access.redhat.com/errata/RHSA-2019:3193
RHSA-2019:3196		https://access.redhat.com/errata/RHSA-2019:3196
RHSA-2019:3210		https://access.redhat.com/errata/RHSA-2019:3210
RHSA-2019:3237		https://access.redhat.com/errata/RHSA-2019:3237
RHSA-2019:3281		https://access.redhat.com/errata/RHSA-2019:3281
RHSA-2019:3756		https://access.redhat.com/errata/RHSA-2019:3756
USN-4165-1		https://usn.ubuntu.com/4165-1/
USN-4202-1		https://usn.ubuntu.com/4202-1/
USN-4335-1		https://usn.ubuntu.com/4335-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11759.json

https://api.first.org/data/v1/epss?cve=CVE-2019-11759

https://bugzilla.mozilla.org/show_bug.cgi?id=1577953

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903

https://security.gentoo.org/glsa/202003-10

https://www.mozilla.org/security/advisories/mfsa2019-33/

https://www.mozilla.org/security/advisories/mfsa2019-35/

1764440

https://bugzilla.redhat.com/show_bug.cgi?id=1764440

ASA-201910-15

https://security.archlinux.org/ASA-201910-15

ASA-201910-16

https://security.archlinux.org/ASA-201910-16

AVG-1054

https://security.archlinux.org/AVG-1054

AVG-1055

https://security.archlinux.org/AVG-1055

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

CVE-2019-11759

https://nvd.nist.gov/vuln/detail/CVE-2019-11759

mfsa2019-33

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

mfsa2019-34

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

mfsa2019-35

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

RHSA-2019:3193

https://access.redhat.com/errata/RHSA-2019:3193

RHSA-2019:3196

https://access.redhat.com/errata/RHSA-2019:3196

RHSA-2019:3210

https://access.redhat.com/errata/RHSA-2019:3210

RHSA-2019:3237

https://access.redhat.com/errata/RHSA-2019:3237

RHSA-2019:3281

https://access.redhat.com/errata/RHSA-2019:3281

RHSA-2019:3756

https://access.redhat.com/errata/RHSA-2019:3756

USN-4165-1

https://usn.ubuntu.com/4165-1/

USN-4202-1

https://usn.ubuntu.com/4202-1/

USN-4335-1

https://usn.ubuntu.com/4335-1/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:09:57.484396+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2019/mfsa2019-33.yml	37.0.0

2025-07-31T08:09:57.484396+00:00

Mozilla Importer

Import

https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2019/mfsa2019-33.yml

37.0.0

Vulnerability ID	VCID-q5bw-8s7d-tfcs
Aliases	CVE-2019-11759
Summary	An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

Percentile	0.86828
EPSS Score	0.03345
Published At	July 30, 2025, 12:55 p.m.