VDB
GCVE-110-MAGEIA-2019-211
GCVE-110-MAGEIA-2019-211
Advisory Published
Sandbox escape via installation of malicious language pack. (CVE-2019-9811)
Script injection within domain through inner window reuse. (CVE-2019-11711)
Cross-origin POST requests can be made with NPAPI plugins by following 308
redirects. (CVE-2019-11712)
Use-after-free with HTTP/2 cached stream. (CVE-2019-11713)
Empty or malformed p256-ECDH public keys may trigger a segmentation fault.
(CVE-2019-11729)
HTML parsing error can contribute to content XSS. (CVE-2019-11715)
Caret character improperly escaped in origins. (CVE-2019-11717)
Out-of-bounds read when importing curve25519 private key. (CVE-2019-11719)
Same-origin policy treats all files in a directory as having the
same-origin. (CVE-2019-11730)
Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8.
(CVE-2019-11709)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | nss | 0 (affected), 3.36.8-1.1.mga6 (unaffected), 0 (affected), 3.36.8-1.1.mga6 (unaffected) | — |
| Mageia | firefox-l10n | 0 (affected), 60.8.0-1.mga6 (unaffected), 0 (affected), 60.8.0-1.mga6 (unaffected) | — |
| Mageia | nvidia-current | 0 (affected), 430.64-1.mga7.nonfree (unaffected) | — |
| Mageia | firefox | 0 (affected), 60.8.0-1.mga6 (unaffected), 0 (affected), 60.8.0-1.mga6 (unaffected) | — |
| Mageia | ldetect-lst | 0 (affected), 0.6.6-1.mga7 (unaffected) | — |
| Mageia | rootcerts | 0 (affected), 20190604.00-1.mga6 (unaffected), 20190604.00-1.mga6 (unaffected), 0 (affected) | — |
Aliases
References
nvidia-current maintenance release
advisory
Browse GCVE Records
73,393 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.