VDB

GCVE-110-MAGEIA-2019-267

GCVE-110-MAGEIA-2019-267
Advisory Published
Vulnetix · Advisory published September 12, 2019
The updated packages fix several bugs and some security issues: Sandbox escape through Firefox Sync. (CVE-2019-9812) Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9. (CVE-2019-11740) Same-origin policy violation with SVG filters and canvas to steal cross-origin images. (CVE-2019-11742) Cross-origin access to unload event attributes. (CVE-2019-11743) XSS by breaking out of title and textarea elements using innerHTML. (CVE-2019-11744) Use-after-free while manipulating video. (CVE-2019-11746) Use-after-free while extracting a key value in IndexedDB. (CVE-2019-11752) Privilege escalation with Mozilla Maintenance Service in custom Firefox installation location. (CVE-2019-11753)

Affected Products

VendorProductVersionsPlatforms
Mageianss0 (affected), 3.36.8-1.2.mga6 (unaffected)
Mageiafirefox-l10n0 (affected), 60.9.0-1.mga6 (unaffected)
Mageianspr0 (affected), 4.22-1.mga6 (unaffected)
Mageiafirefox0 (affected), 60.9.0-1.mga6 (unaffected)
Mageiarootcerts0 (affected), 20190820.00-1.mga6 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›