CVE-2019-11752

2019-09-2718:15:00

Alpine Linux Development Team

security.alpinelinux.org

0.008 Low

EPSS

Percentile

81.2%

JSON

It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1.

OSVersionArchitecturePackageVersionFilename
Alpineedge-communitynoarchfirefox-esr< 68.1.0-r0UNKNOWN
Alpine3.10-communitynoarchfirefox-esr< 69.9.0-r0UNKNOWN
Alpine3.11-communitynoarchfirefox-esr< 68.1.0-r0UNKNOWN
Alpine3.12-communitynoarchfirefox-esr< 68.1.0-r0UNKNOWN
Alpine3.13-communitynoarchfirefox-esr< 68.1.0-r0UNKNOWN
Alpine3.14-communitynoarchfirefox-esr< 68.1.0-r0UNKNOWN
Alpine3.15-communitynoarchfirefox-esr< 68.1.0-r0UNKNOWN
Alpine3.16-communitynoarchfirefox-esr< 68.1.0-r0UNKNOWN
Alpine3.17-communitynoarchfirefox-esr< 68.1.0-r0UNKNOWN
Alpine3.18-communitynoarchfirefox-esr< 68.1.0-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-community	noarch	firefox-esr	< 68.1.0-r0	UNKNOWN
Alpine	3.10-community	noarch	firefox-esr	< 69.9.0-r0	UNKNOWN
Alpine	3.11-community	noarch	firefox-esr	< 68.1.0-r0	UNKNOWN
Alpine	3.12-community	noarch	firefox-esr	< 68.1.0-r0	UNKNOWN
Alpine	3.13-community	noarch	firefox-esr	< 68.1.0-r0	UNKNOWN
Alpine	3.14-community	noarch	firefox-esr	< 68.1.0-r0	UNKNOWN
Alpine	3.15-community	noarch	firefox-esr	< 68.1.0-r0	UNKNOWN
Alpine	3.16-community	noarch	firefox-esr	< 68.1.0-r0	UNKNOWN
Alpine	3.17-community	noarch	firefox-esr	< 68.1.0-r0	UNKNOWN
Alpine	3.18-community	noarch	firefox-esr	< 68.1.0-r0	UNKNOWN