[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2019:2251-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":72,"duplicates":73,"related":74,"reserved_at":9,"published_at":104,"modified_at":105,"state":9,"summary":106,"references_raw":108,"kevs":317,"epss":9,"epss_history":318,"metrics":319,"affected":320},"OPENSUSE-SU-2019:2251-1","Security update for MozillaFirefox\n\nThis update for MozillaFirefox to 68.1 fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack. (bsc#1140868)\n- CVE-2019-9812: Fixed a sandbox escape through Firefox Sync. (bsc#1149294)\n- CVE-2019-11710: Fixed several memory safety bugs. (bsc#1140868)\n- CVE-2019-11714: Fixed a potentially exploitable crash in Necko. (bsc#1140868)\n- CVE-2019-11716: Fixed a sandbox bypass. (bsc#1140868)\n- CVE-2019-11718: Fixed inadequate sanitation in the Activity Stream component. (bsc#1140868)\n- CVE-2019-11720: Fixed a character encoding XSS vulnerability. (bsc#1140868)\n- CVE-2019-11721: Fixed a homograph domain spoofing issue through unicode latin 'kra' character. (bsc#1140868)\n- CVE-2019-11723: Fixed a cookie leakage during add-on fetching across private browsing boundaries. (bsc#1140868)\n- CVE-2019-11724: Fixed an outdated permission, granting access to retired site input.mozilla.org. (bsc#1140868)\n- CVE-2019-11725: Fixed a Safebrowsing bypass involving WebSockets. (bsc#1140868)\n- CVE-2019-11727: Fixed a vulnerability where it possible to force NSS to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. (bsc#1141322)\n- CVE-2019-11728: Fixed an improper handling of the Alt-Svc header that allowed remote port scans. (bsc#1140868)\n- CVE-2019-11733: Fixed an insufficient protection of stored passwords in 'Saved Logins'. (bnc#1145665)\n- CVE-2019-11735: Fixed several memory safety bugs. (bnc#1149293)\n- CVE-2019-11736: Fixed a file manipulation and privilege escalation in Mozilla Maintenance Service. (bnc#1149292) \n- CVE-2019-11738: Fixed a content security policy bypass through hash-based sources in directives. (bnc#1149302)\n- CVE-2019-11740: Fixed several memory safety bugs. (bsc#1149299)\n- CVE-2019-11742: Fixed a same-origin policy violation involving SVG filters and canvas to steal cross-origin images. (bsc#1149303)\n- CVE-2019-11743: Fixed a timing side-channel attack on cross-origin information, utilizing unload event attributes. (bsc#1149298)\n- CVE-2019-11744: Fixed an XSS caused by breaking out of title and textarea elements using innerHTML. (bsc#1149304)\n- CVE-2019-11746: Fixed a use-after-free while manipulating video. (bsc#1149297)\n- CVE-2019-11752: Fixed a use-after-free while extracting a key value in IndexedDB. (bsc#1149296)\n- CVE-2019-11753: Fixed a privilege escalation with Mozilla Maintenance Service in custom Firefox installation location. (bsc#1149295)\n\nNon-security issues fixed:\n\t  \n- Latest update now also released for s390x. (bsc#1109465)\n- Fixed a segmentation fault on s390vsl082. (bsc#1117473)\n- Fixed a crash on SLES15 s390x. (bsc#1124525)\n- Fixed a segmentation fault. (bsc#1133810)\n\nThis update was imported from the SUSE:SLE-15:Update update project.",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70],{"_key":15},"CVE-2019-11710",{"_key":17},"CVE-2019-11714",{"_key":19},"CVE-2019-11716",{"_key":21},"CVE-2019-11718",{"_key":23},"CVE-2019-11720",{"_key":25},"CVE-2019-11721",{"_key":27},"CVE-2019-11723",{"_key":29},"CVE-2019-11724",{"_key":31},"CVE-2019-11725",{"_key":33},"CVE-2019-11727",{"_key":35},"CVE-2019-11728",{"_key":37},"CVE-2019-11733",{"_key":39},"CVE-2019-11735",{"_key":41},"CVE-2019-11736",{"_key":43},"CVE-2019-11738",{"_key":45},"CVE-2019-11740",{"_key":47},"CVE-2019-11742",{"_key":49},"CVE-2019-11743",{"_key":51},"CVE-2019-11744",{"_key":53},"CVE-2019-11746",{"_key":55},"CVE-2019-11747",{"_key":57},"CVE-2019-11748",{"_key":59},"CVE-2019-11749",{"_key":61},"CVE-2019-11750",{"_key":63},"CVE-2019-11751",{"_key":65},"CVE-2019-11752",{"_key":67},"CVE-2019-11753",{"_key":69},"CVE-2019-9811",{"_key":71},"CVE-2019-9812",[],[],[75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},"2019-10-04T22:24:43Z","2026-02-04T03:52:41.913200Z",{"cisa_kev":107,"cisa_ransomware":107,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[109,115,120,124,128,132,136,140,144,148,152,156,160,164,168,172,176,180,184,188,192,196,200,205,209,213,217,221,225,229,233,237,241,245,249,253,257,261,265,269,273,277,281,285,289,293,297,301,305,309,313],{"url":110,"sources":111,"tags":113},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/D6AIQRJID7DIPCU5KTEO6R57LSZRFM6K/#D6AIQRJID7DIPCU5KTEO6R57LSZRFM6K",[112],"osv_opensuse",[114],"Advisory",{"url":116,"sources":117,"tags":118},"https://bugzilla.suse.com/1109465",[112],[119],"REPORT",{"url":121,"sources":122,"tags":123},"https://bugzilla.suse.com/1117473",[112],[119],{"url":125,"sources":126,"tags":127},"https://bugzilla.suse.com/1123482",[112],[119],{"url":129,"sources":130,"tags":131},"https://bugzilla.suse.com/1124525",[112],[119],{"url":133,"sources":134,"tags":135},"https://bugzilla.suse.com/1133810",[112],[119],{"url":137,"sources":138,"tags":139},"https://bugzilla.suse.com/1138688",[112],[119],{"url":141,"sources":142,"tags":143},"https://bugzilla.suse.com/1140868",[112],[119],{"url":145,"sources":146,"tags":147},"https://bugzilla.suse.com/1141322",[112],[119],{"url":149,"sources":150,"tags":151},"https://bugzilla.suse.com/1145665",[112],[119],{"url":153,"sources":154,"tags":155},"https://bugzilla.suse.com/1149292",[112],[119],{"url":157,"sources":158,"tags":159},"https://bugzilla.suse.com/1149293",[112],[119],{"url":161,"sources":162,"tags":163},"https://bugzilla.suse.com/1149294",[112],[119],{"url":165,"sources":166,"tags":167},"https://bugzilla.suse.com/1149295",[112],[119],{"url":169,"sources":170,"tags":171},"https://bugzilla.suse.com/1149296",[112],[119],{"url":173,"sources":174,"tags":175},"https://bugzilla.suse.com/1149297",[112],[119],{"url":177,"sources":178,"tags":179},"https://bugzilla.suse.com/1149298",[112],[119],{"url":181,"sources":182,"tags":183},"https://bugzilla.suse.com/1149299",[112],[119],{"url":185,"sources":186,"tags":187},"https://bugzilla.suse.com/1149302",[112],[119],{"url":189,"sources":190,"tags":191},"https://bugzilla.suse.com/1149303",[112],[119],{"url":193,"sources":194,"tags":195},"https://bugzilla.suse.com/1149304",[112],[119],{"url":197,"sources":198,"tags":199},"https://bugzilla.suse.com/1149323",[112],[119],{"url":201,"sources":202,"tags":203},"https://www.suse.com/security/cve/CVE-2019-11710",[112],[204],"WEB",{"url":206,"sources":207,"tags":208},"https://www.suse.com/security/cve/CVE-2019-11714",[112],[204],{"url":210,"sources":211,"tags":212},"https://www.suse.com/security/cve/CVE-2019-11716",[112],[204],{"url":214,"sources":215,"tags":216},"https://www.suse.com/security/cve/CVE-2019-11718",[112],[204],{"url":218,"sources":219,"tags":220},"https://www.suse.com/security/cve/CVE-2019-11720",[112],[204],{"url":222,"sources":223,"tags":224},"https://www.suse.com/security/cve/CVE-2019-11721",[112],[204],{"url":226,"sources":227,"tags":228},"https://www.suse.com/security/cve/CVE-2019-11723",[112],[204],{"url":230,"sources":231,"tags":232},"https://www.suse.com/security/cve/CVE-2019-11724",[112],[204],{"url":234,"sources":235,"tags":236},"https://www.suse.com/security/cve/CVE-2019-11725",[112],[204],{"url":238,"sources":239,"tags":240},"https://www.suse.com/security/cve/CVE-2019-11727",[112],[204],{"url":242,"sources":243,"tags":244},"https://www.suse.com/security/cve/CVE-2019-11728",[112],[204],{"url":246,"sources":247,"tags":248},"https://www.suse.com/security/cve/CVE-2019-11733",[112],[204],{"url":250,"sources":251,"tags":252},"https://www.suse.com/security/cve/CVE-2019-11735",[112],[204],{"url":254,"sources":255,"tags":256},"https://www.suse.com/security/cve/CVE-2019-11736",[112],[204],{"url":258,"sources":259,"tags":260},"https://www.suse.com/security/cve/CVE-2019-11738",[112],[204],{"url":262,"sources":263,"tags":264},"https://www.suse.com/security/cve/CVE-2019-11740",[112],[204],{"url":266,"sources":267,"tags":268},"https://www.suse.com/security/cve/CVE-2019-11742",[112],[204],{"url":270,"sources":271,"tags":272},"https://www.suse.com/security/cve/CVE-2019-11743",[112],[204],{"url":274,"sources":275,"tags":276},"https://www.suse.com/security/cve/CVE-2019-11744",[112],[204],{"url":278,"sources":279,"tags":280},"https://www.suse.com/security/cve/CVE-2019-11746",[112],[204],{"url":282,"sources":283,"tags":284},"https://www.suse.com/security/cve/CVE-2019-11747",[112],[204],{"url":286,"sources":287,"tags":288},"https://www.suse.com/security/cve/CVE-2019-11748",[112],[204],{"url":290,"sources":291,"tags":292},"https://www.suse.com/security/cve/CVE-2019-11749",[112],[204],{"url":294,"sources":295,"tags":296},"https://www.suse.com/security/cve/CVE-2019-11750",[112],[204],{"url":298,"sources":299,"tags":300},"https://www.suse.com/security/cve/CVE-2019-11751",[112],[204],{"url":302,"sources":303,"tags":304},"https://www.suse.com/security/cve/CVE-2019-11752",[112],[204],{"url":306,"sources":307,"tags":308},"https://www.suse.com/security/cve/CVE-2019-11753",[112],[204],{"url":310,"sources":311,"tags":312},"https://www.suse.com/security/cve/CVE-2019-9811",[112],[204],{"url":314,"sources":315,"tags":316},"https://www.suse.com/security/cve/CVE-2019-9812",[112],[204],[],[],[],[321],{"ecosystem":322,"name":323,"vendor":324,"product":325,"cpe_part":9,"purl_type":326,"purl_namespace":324,"purl_name":325,"source":9,"versions":327},"openSUSE","MozillaFirefox","opensuse","MozillaFirefox&distro=openSUSE Leap 15.1","rpm",[328],{"version":329,"is_range":330,"range_type":331,"version_start":9,"version_start_type":9,"version_end":332,"version_end_type":333,"fixed_in":9},"lt68_1_0_lp151_2_14_1",true,"ecosystem","68.1.0-lp151.2.14.1","excluding"]