[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2019:2248-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":68,"duplicates":69,"related":70,"reserved_at":9,"published_at":98,"modified_at":99,"state":9,"summary":100,"references_raw":102,"kevs":259,"epss":9,"epss_history":260,"metrics":261,"affected":262},"OPENSUSE-SU-2019:2248-1","Security update for MozillaThunderbird\n\nThis update for MozillaThunderbird to version 68.1.1 fixes the following issues:\n  \n- CVE-2019-11709: Fixed several memory safety bugs. (bsc#1140868)\n- CVE-2019-11710: Fixed several memory safety bugs. (bsc#1140868)\n- CVE-2019-11711: Fixed a script injection within domain through inner window reuse. (bsc#1140868)\n- CVE-2019-11712: Fixed an insufficient validation of cross-origin POST requests within NPAPI plugins. (bsc#1140868)\n- CVE-2019-11713: Fixed a use-after-free with HTTP/2 cached stream. (bsc#1140868)\n- CVE-2019-11714: Fixed a crash in NeckoChild. (bsc#1140868)\n- CVE-2019-11715: Fixed an HTML parsing error that can contribute to content XSS. (bsc#1140868)\n- CVE-2019-11716: Fixed an enumeration issue in globalThis. (bsc#1140868)\n- CVE-2019-11717: Fixed an improper escaping of the caret character in origins. (bsc#1140868)\n- CVE-2019-11719: Fixed an out-of-bounds read when importing curve25519 private key. (bsc#1140868)\n- CVE-2019-11720: Fixed a character encoding XSS vulnerability. (bsc#1140868)\n- CVE-2019-11721: Fixed domain spoofing through unicode latin 'kra' character. (bsc#1140868)\n- CVE-2019-11723: Fixed a cookie leakage during add-on fetching across private browsing boundaries. (bsc#1140868)\n- CVE-2019-11724: Fixed a permissions issue with the retired site input.mozilla.org. (bsc#1140868)\n- CVE-2019-11725: Fixed a SafeBrowsing bypass through WebSockets. (bsc#1140868)\n- CVE-2019-11727: Fixed an insufficient validation for PKCS#1 v1.5 signatures being used with TLS 1.3. (bsc#1140868)\n- CVE-2019-11728: Fixed port scanning through Alt-Svc header. (bsc#1140868)\n- CVE-2019-11729: Fixed a segmentation fault due to empty or malformed p256-ECDH public keys. (bsc#1140868)\n- CVE-2019-11730: Fixed an insufficient enforcement of the same-origin policy that treats all files in a directory as having the same-origin. (bsc#1140868)\n- CVE-2019-11739: Fixed a Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message. (bsc#1150939)\n- CVE-2019-11740: Fixed several memory safety bugs. (bsc#1149299)\n- CVE-2019-11742: Fixed a same-origin policy violation with SVG filters and canvas that enabled theft of cross-origin images. (bsc#1149303)\n- CVE-2019-11743: Fixed a cross-origin access issue. (bsc#1149298)\n- CVE-2019-11744: Fixed a XSS involving breaking out of title and textarea elements using innerHTML. (bsc#1149304)\n- CVE-2019-11746: Fixed a use-after-free while manipulating video. (bsc#1149297)\n- CVE-2019-11752: Fixed a use-after-free while extracting a key value in IndexedDB. (bsc#1149296)\n- CVE-2019-11755: Fixed an insufficient validation of S/MIME messages that allowed the author to be spoofed. (bsc#1152375)\n\nThis update was imported from the SUSE:SLE-15:Update update project.",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66],{"_key":15},"CVE-2019-11709",{"_key":17},"CVE-2019-11710",{"_key":19},"CVE-2019-11711",{"_key":21},"CVE-2019-11712",{"_key":23},"CVE-2019-11713",{"_key":25},"CVE-2019-11714",{"_key":27},"CVE-2019-11715",{"_key":29},"CVE-2019-11716",{"_key":31},"CVE-2019-11717",{"_key":33},"CVE-2019-11719",{"_key":35},"CVE-2019-11720",{"_key":37},"CVE-2019-11721",{"_key":39},"CVE-2019-11723",{"_key":41},"CVE-2019-11724",{"_key":43},"CVE-2019-11725",{"_key":45},"CVE-2019-11727",{"_key":47},"CVE-2019-11728",{"_key":49},"CVE-2019-11729",{"_key":51},"CVE-2019-11730",{"_key":53},"CVE-2019-11739",{"_key":55},"CVE-2019-11740",{"_key":57},"CVE-2019-11742",{"_key":59},"CVE-2019-11743",{"_key":61},"CVE-2019-11744",{"_key":63},"CVE-2019-11746",{"_key":65},"CVE-2019-11752",{"_key":67},"CVE-2019-11755",[],[],[71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},"2019-10-04T10:23:43Z","2026-02-04T04:20:14.802317Z",{"cisa_kev":101,"cisa_ransomware":101,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[103,109,114,118,122,126,130,134,138,142,146,150,155,159,163,167,171,175,179,183,187,191,195,199,203,207,211,215,219,223,227,231,235,239,243,247,251,255],{"url":104,"sources":105,"tags":107},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QT7HMZ3VUEMJ463IILXJ7LOGN6RQAID5/#QT7HMZ3VUEMJ463IILXJ7LOGN6RQAID5",[106],"osv_opensuse",[108],"Advisory",{"url":110,"sources":111,"tags":112},"https://bugzilla.suse.com/1140868",[106],[113],"REPORT",{"url":115,"sources":116,"tags":117},"https://bugzilla.suse.com/1141322",[106],[113],{"url":119,"sources":120,"tags":121},"https://bugzilla.suse.com/1149296",[106],[113],{"url":123,"sources":124,"tags":125},"https://bugzilla.suse.com/1149297",[106],[113],{"url":127,"sources":128,"tags":129},"https://bugzilla.suse.com/1149298",[106],[113],{"url":131,"sources":132,"tags":133},"https://bugzilla.suse.com/1149299",[106],[113],{"url":135,"sources":136,"tags":137},"https://bugzilla.suse.com/1149303",[106],[113],{"url":139,"sources":140,"tags":141},"https://bugzilla.suse.com/1149304",[106],[113],{"url":143,"sources":144,"tags":145},"https://bugzilla.suse.com/1150939",[106],[113],{"url":147,"sources":148,"tags":149},"https://bugzilla.suse.com/1152375",[106],[113],{"url":151,"sources":152,"tags":153},"https://www.suse.com/security/cve/CVE-2019-11709",[106],[154],"WEB",{"url":156,"sources":157,"tags":158},"https://www.suse.com/security/cve/CVE-2019-11710",[106],[154],{"url":160,"sources":161,"tags":162},"https://www.suse.com/security/cve/CVE-2019-11711",[106],[154],{"url":164,"sources":165,"tags":166},"https://www.suse.com/security/cve/CVE-2019-11712",[106],[154],{"url":168,"sources":169,"tags":170},"https://www.suse.com/security/cve/CVE-2019-11713",[106],[154],{"url":172,"sources":173,"tags":174},"https://www.suse.com/security/cve/CVE-2019-11714",[106],[154],{"url":176,"sources":177,"tags":178},"https://www.suse.com/security/cve/CVE-2019-11715",[106],[154],{"url":180,"sources":181,"tags":182},"https://www.suse.com/security/cve/CVE-2019-11716",[106],[154],{"url":184,"sources":185,"tags":186},"https://www.suse.com/security/cve/CVE-2019-11717",[106],[154],{"url":188,"sources":189,"tags":190},"https://www.suse.com/security/cve/CVE-2019-11719",[106],[154],{"url":192,"sources":193,"tags":194},"https://www.suse.com/security/cve/CVE-2019-11720",[106],[154],{"url":196,"sources":197,"tags":198},"https://www.suse.com/security/cve/CVE-2019-11721",[106],[154],{"url":200,"sources":201,"tags":202},"https://www.suse.com/security/cve/CVE-2019-11723",[106],[154],{"url":204,"sources":205,"tags":206},"https://www.suse.com/security/cve/CVE-2019-11724",[106],[154],{"url":208,"sources":209,"tags":210},"https://www.suse.com/security/cve/CVE-2019-11725",[106],[154],{"url":212,"sources":213,"tags":214},"https://www.suse.com/security/cve/CVE-2019-11727",[106],[154],{"url":216,"sources":217,"tags":218},"https://www.suse.com/security/cve/CVE-2019-11728",[106],[154],{"url":220,"sources":221,"tags":222},"https://www.suse.com/security/cve/CVE-2019-11729",[106],[154],{"url":224,"sources":225,"tags":226},"https://www.suse.com/security/cve/CVE-2019-11730",[106],[154],{"url":228,"sources":229,"tags":230},"https://www.suse.com/security/cve/CVE-2019-11739",[106],[154],{"url":232,"sources":233,"tags":234},"https://www.suse.com/security/cve/CVE-2019-11740",[106],[154],{"url":236,"sources":237,"tags":238},"https://www.suse.com/security/cve/CVE-2019-11742",[106],[154],{"url":240,"sources":241,"tags":242},"https://www.suse.com/security/cve/CVE-2019-11743",[106],[154],{"url":244,"sources":245,"tags":246},"https://www.suse.com/security/cve/CVE-2019-11744",[106],[154],{"url":248,"sources":249,"tags":250},"https://www.suse.com/security/cve/CVE-2019-11746",[106],[154],{"url":252,"sources":253,"tags":254},"https://www.suse.com/security/cve/CVE-2019-11752",[106],[154],{"url":256,"sources":257,"tags":258},"https://www.suse.com/security/cve/CVE-2019-11755",[106],[154],[],[],[],[263,276],{"ecosystem":264,"name":265,"vendor":266,"product":267,"cpe_part":9,"purl_type":268,"purl_namespace":266,"purl_name":267,"source":9,"versions":269},"openSUSE","enigmail","opensuse","enigmail&distro=openSUSE Leap 15.0","rpm",[270],{"version":271,"is_range":272,"range_type":273,"version_start":9,"version_start_type":9,"version_end":274,"version_end_type":275,"fixed_in":9},"lt2_1_2_lp150_34_1",true,"ecosystem","2.1.2-lp150.34.1","excluding",{"ecosystem":264,"name":277,"vendor":266,"product":278,"cpe_part":9,"purl_type":268,"purl_namespace":266,"purl_name":278,"source":9,"versions":279},"MozillaThunderbird","MozillaThunderbird&distro=openSUSE Leap 15.0",[280],{"version":281,"is_range":272,"range_type":273,"version_start":9,"version_start_type":9,"version_end":282,"version_end_type":275,"fixed_in":9},"lt68_1_1_lp150_3_51_1","68.1.1-lp150.3.51.1"]