{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T18:14:43.955","vulnerabilities":[{"cve":{"id":"CVE-2019-11723","sourceIdentifier":"security@mozilla.org","published":"2019-07-23T14:15:16.280","lastModified":"2024-11-21T04:21:39.973","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists during the installation of add-ons where the initial fetch ignored the origin attributes of the browsing context. This could leak cookies in private browsing mode or across different \"containers\" for people who use the Firefox Multi-Account Containers Web Extension. This vulnerability affects Firefox < 68."},{"lang":"es","value":"Se presenta una vulnerabilidad durante la instalación de complementos donde la captura inicial ignoró los atributos de origen del contexto de navegación. Esto podría filtrar cookies en el modo de navegación privada o en diferentes \"containers\" para personas que utilizan la Extensión Web de Contenedores de Cuentas Múltiples de Firefox. Esta vulnerabilidad afecta a Firefox anterior a versión 68."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-346"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"68.0","matchCriteriaId":"BB53FE62-B5D2-497B-A7E3-40FFE81A9653"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","matchCriteriaId":"F1E78106-58E6-4D59-990F-75DA575BFAD9"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","matchCriteriaId":"B620311B-34A3-48A6-82DF-6F078D7A4493"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","source":"security@mozilla.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","source":"security@mozilla.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","source":"security@mozilla.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","source":"security@mozilla.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1528335","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://security.gentoo.org/glsa/201908-12","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-21/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1528335","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required","Vendor Advisory"]},{"url":"https://security.gentoo.org/glsa/201908-12","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-21/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}