VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	8.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11760.json
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
epss	0.0146	https://api.first.org/data/v1/epss?cve=CVE-2019-11760
cvssv2	6.8	https://nvd.nist.gov/vuln/detail/CVE-2019-11760
cvssv3.1	8.8	https://nvd.nist.gov/vuln/detail/CVE-2019-11760
archlinux	Critical	https://security.archlinux.org/AVG-1054
archlinux	Critical	https://security.archlinux.org/AVG-1055
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
generic_textual	critical	https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

System

Score

Found at

cvssv3

8.8

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11760.json

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

epss

0.0146

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

cvssv2

6.8

https://nvd.nist.gov/vuln/detail/CVE-2019-11760

cvssv3.1

8.8

https://nvd.nist.gov/vuln/detail/CVE-2019-11760

archlinux

Critical

https://security.archlinux.org/AVG-1054

archlinux

Critical

https://security.archlinux.org/AVG-1055

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

generic_textual

critical

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11760.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-11760
		https://bugzilla.mozilla.org/show_bug.cgi?id=1577719
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
		https://security.gentoo.org/glsa/202003-10
		https://www.mozilla.org/security/advisories/mfsa2019-33/
		https://www.mozilla.org/security/advisories/mfsa2019-35/
1764441		https://bugzilla.redhat.com/show_bug.cgi?id=1764441
ASA-201910-15		https://security.archlinux.org/ASA-201910-15
ASA-201910-16		https://security.archlinux.org/ASA-201910-16
AVG-1054		https://security.archlinux.org/AVG-1054
AVG-1055		https://security.archlinux.org/AVG-1055
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
CVE-2019-11760		https://nvd.nist.gov/vuln/detail/CVE-2019-11760
mfsa2019-33		https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
mfsa2019-34		https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
mfsa2019-35		https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
RHSA-2019:3193		https://access.redhat.com/errata/RHSA-2019:3193
RHSA-2019:3196		https://access.redhat.com/errata/RHSA-2019:3196
RHSA-2019:3210		https://access.redhat.com/errata/RHSA-2019:3210
RHSA-2019:3237		https://access.redhat.com/errata/RHSA-2019:3237
RHSA-2019:3281		https://access.redhat.com/errata/RHSA-2019:3281
RHSA-2019:3756		https://access.redhat.com/errata/RHSA-2019:3756
USN-4165-1		https://usn.ubuntu.com/4165-1/
USN-4202-1		https://usn.ubuntu.com/4202-1/
USN-4335-1		https://usn.ubuntu.com/4335-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11760.json

https://api.first.org/data/v1/epss?cve=CVE-2019-11760

https://bugzilla.mozilla.org/show_bug.cgi?id=1577719

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903

https://security.gentoo.org/glsa/202003-10

https://www.mozilla.org/security/advisories/mfsa2019-33/

https://www.mozilla.org/security/advisories/mfsa2019-35/

1764441

https://bugzilla.redhat.com/show_bug.cgi?id=1764441

ASA-201910-15

https://security.archlinux.org/ASA-201910-15

ASA-201910-16

https://security.archlinux.org/ASA-201910-16

AVG-1054

https://security.archlinux.org/AVG-1054

AVG-1055

https://security.archlinux.org/AVG-1055

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

CVE-2019-11760

https://nvd.nist.gov/vuln/detail/CVE-2019-11760

mfsa2019-33

https://www.mozilla.org/en-US/security/advisories/mfsa2019-33

mfsa2019-34

https://www.mozilla.org/en-US/security/advisories/mfsa2019-34

mfsa2019-35

https://www.mozilla.org/en-US/security/advisories/mfsa2019-35

RHSA-2019:3193

https://access.redhat.com/errata/RHSA-2019:3193

RHSA-2019:3196

https://access.redhat.com/errata/RHSA-2019:3196

RHSA-2019:3210

https://access.redhat.com/errata/RHSA-2019:3210

RHSA-2019:3237

https://access.redhat.com/errata/RHSA-2019:3237

RHSA-2019:3281

https://access.redhat.com/errata/RHSA-2019:3281

RHSA-2019:3756

https://access.redhat.com/errata/RHSA-2019:3756

USN-4165-1

https://usn.ubuntu.com/4165-1/

USN-4202-1

https://usn.ubuntu.com/4202-1/

USN-4335-1

https://usn.ubuntu.com/4335-1/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:09:57.505558+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2019/mfsa2019-33.yml	37.0.0

2025-07-31T08:09:57.505558+00:00

Mozilla Importer

Import

https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2019/mfsa2019-33.yml

37.0.0

Vulnerability ID	VCID-yc8j-198r-nych
Aliases	CVE-2019-11760
Summary	A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances.
Status	Published
Exploitability	0.5
Weighted Severity	9.0
Risk	4.5
Affected and Fixed Packages	Package Details

CWE-787	Out-of-bounds Write
CWE-120	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Percentile	0.80028
EPSS Score	0.0146
Published At	Aug. 9, 2025, 12:55 p.m.