VDB
GCVE-110-MAGEIA-2019-267
GCVE-110-MAGEIA-2019-267
Advisory Published
The updated packages fix several bugs and some security issues:
Sandbox escape through Firefox Sync. (CVE-2019-9812)
Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox
ESR 60.9. (CVE-2019-11740)
Same-origin policy violation with SVG filters and canvas to steal
cross-origin images. (CVE-2019-11742)
Cross-origin access to unload event attributes. (CVE-2019-11743)
XSS by breaking out of title and textarea elements using innerHTML.
(CVE-2019-11744)
Use-after-free while manipulating video. (CVE-2019-11746)
Use-after-free while extracting a key value in IndexedDB. (CVE-2019-11752)
Privilege escalation with Mozilla Maintenance Service in custom Firefox
installation location. (CVE-2019-11753)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | nss | 0 (affected), 3.36.8-1.2.mga6 (unaffected) | — |
| Mageia | firefox-l10n | 0 (affected), 60.9.0-1.mga6 (unaffected) | — |
| Mageia | nspr | 0 (affected), 4.22-1.mga6 (unaffected) | — |
| Mageia | firefox | 0 (affected), 60.9.0-1.mga6 (unaffected) | — |
| Mageia | rootcerts | 0 (affected), 20190820.00-1.mga6 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.