{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T12:01:22.322","vulnerabilities":[{"cve":{"id":"CVE-2019-11761","sourceIdentifier":"security@mozilla.org","published":"2020-01-08T20:15:12.780","lastModified":"2024-11-21T04:21:44.440","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2."},{"lang":"es","value":"Mediante el uso de un formulario con un URI de datos, fue posible conseguir acceso al objeto JSONView privilegiado que había sido clonado en contenido. El impacto de exponer este objeto parece ser mínimo, sin embargo, fue una omisión de los mecanismos de defensa existentes en profundidad. Esta vulnerabilidad afecta a Firefox versiones anteriores a la versión  70, Thunderbird versiones anteriores a la versión 68.2 y Firefox ESR versiones anteriores a la versión  68.2."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:N","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"},{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*","versionEndExcluding":"70.0","matchCriteriaId":"F4EA7BDA-DA95-46FB-8568-E857D3479994"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*","versionEndExcluding":"68.2","matchCriteriaId":"19FED95C-5BAF-4E31-8F60-E51609BA3BDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*","versionEndExcluding":"68.2","matchCriteriaId":"2CE97332-80EC-4CDF-A18C-37CD645A8A12"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","matchCriteriaId":"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1561502","source":"security@mozilla.org","tags":["Issue Tracking","Permissions Required"]},{"url":"https://security.gentoo.org/glsa/202003-10","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/4335-1/","source":"security@mozilla.org","tags":["Third Party Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-33/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-34/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-35/","source":"security@mozilla.org","tags":["Vendor Advisory"]},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1561502","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required"]},{"url":"https://security.gentoo.org/glsa/202003-10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/4335-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-33/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-34/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2019-35/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}