CVE-2019-9797

UNKNOWN

Published 2019-04-26T16:13:22

Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2019-9797. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Mozilla

Firefox

Affected Versions:

unspecified

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-9wjj-25rq-652w

Advisory Details

CVSS Scoring

CVSS Score

5.0

CVSS Vector


                                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2019-9797

WEB https://www.mozilla.org/security/advisories/mfsa2019-07

WEB https://www.debian.org/security/2019/dsa-4451

WEB https://www.debian.org/security/2019/dsa-4448

WEB https://usn.ubuntu.com/3997-1

WEB https://seclists.org/bugtraq/2019/May/67

WEB https://seclists.org/bugtraq/2019/May/59

WEB https://seclists.org/bugtraq/2019/May/56

WEB https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html

WEB https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html

WEB https://bugzilla.mozilla.org/show_bug.cgi?id=1528909

WEB https://access.redhat.com/errata/RHSA-2019:1310

WEB https://access.redhat.com/errata/RHSA-2019:1309

WEB https://access.redhat.com/errata/RHSA-2019:1308

WEB https://access.redhat.com/errata/RHSA-2019:1269

WEB https://access.redhat.com/errata/RHSA-2019:1267

WEB https://access.redhat.com/errata/RHSA-2019:1265

WEB http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html

WEB http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html

WEB http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: April 4, 2024

References

https://www.mozilla.org/security/advisories/mfsa2019-07/

https://bugzilla.mozilla.org/show_bug.cgi?id=1528909

https://seclists.org/bugtraq/2019/May/56

https://seclists.org/bugtraq/2019/May/59

https://www.debian.org/security/2019/dsa-4448

https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html

https://access.redhat.com/errata/RHSA-2019:1265

https://access.redhat.com/errata/RHSA-2019:1267

https://access.redhat.com/errata/RHSA-2019:1269

https://www.debian.org/security/2019/dsa-4451

https://seclists.org/bugtraq/2019/May/67

https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html

https://usn.ubuntu.com/3997-1/

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html

https://access.redhat.com/errata/RHSA-2019:1310

https://access.redhat.com/errata/RHSA-2019:1308

https://access.redhat.com/errata/RHSA-2019:1309

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html

Published: 2019-04-26T16:13:22

Last Modified: 2024-08-04T22:01:54.947Z

Copied to clipboard!

CVE-2019-9797

Expert Analysis

Description

Available Exploits

Related News

Affected Products

Firefox

Affected Versions:

GitHub Security Advisories

Advisory Details

CVSS Scoring

CVSS Score

CVSS Vector

References

References

Request Analysis

What to expect

Request Received!