VDB

GCVE-110-MAGEIA-2019-129

GCVE-110-MAGEIA-2019-129
Advisory Published
Vulnetix · Advisory published April 5, 2019
Use-after-free when removing in-use DOM elements. (CVE-2019-9790) Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey. (CVE-2019-9791) IonMonkey leaks JS_OPTIMIZED_OUT magic value to script. (CVE-2019-9792) Improper bounds checks when Spectre mitigations are disabled. (CVE-2019-9793) Command line arguments not discarded during execution. (CVE-2019-9794) Type-confusion in IonMonkey JIT compiler. (CVE-2019-9795) Use-after-free with SMIL animation controller. (CVE-2019-9796) Windows programs that are not 'URL Handlers' are exposed to web content. (CVE-2019-9801) Proxy Auto-Configuration file can define localhost access to be proxied. (CVE-2018-18506) Memory safety bugs fixed in Firefox 66, Firefox ESR 60.6, and Thunderbird 60.6. (CVE-2019-9788) IonMonkey MArraySlice has incorrect alias information. (CVE-2019-9810) Ionmonkey type confusion with __proto__ mutations. (CVE-2019-9813)

Affected Products

VendorProductVersionsPlatforms
Mageialibcap-ng0.7.9-3.1.mga7 (unaffected), 0 (affected)
Mageiathunderbird-l10n0 (affected), 60.6.1-1.mga6 (unaffected), 0 (affected), 60.6.1-1.mga6 (unaffected)
Mageiathunderbird0 (affected), 0 (affected), 60.6.1-1.mga6 (unaffected), 60.6.1-1.mga6 (unaffected)

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›