CVE-2019-11715
Publication date 11 July 2019
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
Due to an error while parsing page content, it is possible for properly sanitized user input to be misinterpreted and lead to XSS hazards on web sites in certain circumstances. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | 24.04 LTS noble |
Fixed 68.0+build3-0ubuntu1
|
22.04 LTS jammy |
Fixed 68.0+build3-0ubuntu1
|
|
20.04 LTS focal |
Fixed 68.0+build3-0ubuntu1
|
|
18.04 LTS bionic |
Fixed 68.0+build3-0ubuntu0.18.04.1
|
|
16.04 LTS xenial |
Fixed 68.0+build3-0ubuntu0.16.04.1
|
|
14.04 LTS trusty | Not in release | |
mozjs38 | 24.04 LTS noble | Not in release |
22.04 LTS jammy | Not in release | |
20.04 LTS focal | Not in release | |
18.04 LTS bionic | Ignored | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
mozjs52 | 24.04 LTS noble | Not in release |
22.04 LTS jammy | Not in release | |
20.04 LTS focal | Ignored | |
18.04 LTS bionic | Ignored | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
mozjs60 | 24.04 LTS noble | Not in release |
22.04 LTS jammy | Not in release | |
20.04 LTS focal | Not in release | |
18.04 LTS bionic | Not in release | |
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |
thunderbird | 24.04 LTS noble |
Fixed 60.8.0+build1-0ubuntu1
|
22.04 LTS jammy |
Fixed 60.8.0+build1-0ubuntu1
|
|
20.04 LTS focal |
Fixed 60.8.0+build1-0ubuntu1
|
|
18.04 LTS bionic |
Fixed 1:60.8.0+build1-0ubuntu0.18.04.1
|
|
16.04 LTS xenial |
Fixed 1:60.8.0+build1-0ubuntu0.16.04.2
|
|
14.04 LTS trusty | Not in release |
Notes
Severity score breakdown
Parameter | Value |
---|---|
Base score | 6.1 · Medium |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | Required |
Scope | Changed |
Confidentiality | Low |
Integrity impact | Low |
Availability impact | None |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
References
Related Ubuntu Security Notices (USN)
- USN-4054-1
- Firefox vulnerabilities
- 12 July 2019
- USN-4064-1
- Thunderbird vulnerabilities
- 17 July 2019