Lucene search

K
cvelistMozillaCVELIST:CVE-2019-17021
HistoryJan 08, 2020 - 9:29 p.m.

CVE-2019-17021

2020-01-0821:29:40
mozilla
www.cve.org
2

AI Score

5.9

Confidence

High

EPSS

0.008

Percentile

81.6%

During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.

CNA Affected

[
  {
    "product": "Firefox ESR",
    "vendor": "Mozilla",
    "versions": [
      {
        "status": "affected",
        "version": "before 68.4"
      }
    ]
  },
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "status": "affected",
        "version": "before 72"
      }
    ]
  }
]

AI Score

5.9

Confidence

High

EPSS

0.008

Percentile

81.6%