CVE-2019-11725: Medium severity firefox vulnerability

Q: What is the severity of CVE-2019-11725?

The severity of CVE-2019-11725 is medium.

Q: Which software products are affected by CVE-2019-11725?

Mozilla Thunderbird, Mozilla Firefox, openSUSE Leap 15.0, and openSUSE Leap 15.1 are affected by CVE-2019-11725.

Q: How does CVE-2019-11725 impact web browsing?

CVE-2019-11725 allows the loading of unsafe resources and bypassing of Safebrowsing protections when a user navigates to a site marked as unsafe.

Q: How can I fix CVE-2019-11725?

Update Mozilla Thunderbird and Mozilla Firefox to version 68.0 or later, or update openSUSE Leap to a version higher than 15.1.

Q: Where can I find more information about CVE-2019-11725?

You can find more information about CVE-2019-11725 at the following references: [1] [2] [3].

Published Jul 9, 2019

Updated

When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing protections.

Affected Software

5 affected componentsFixes available

Mozilla Firefox<68.0

openSUSE Leap=15.0

openSUSE Leap=15.1

Mozilla Thunderbird<68

Mozilla Firefox<68

Event History

Jul 9, 2019

CVE Published

12:00 AM

Jul 23, 2019

CVE Published

via MITRE·01:16 PM

Data Sourced

via MITRE·01:16 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is the severity of CVE-2019-11725?

The severity of CVE-2019-11725 is medium.

Which software products are affected by CVE-2019-11725?

Mozilla Thunderbird, Mozilla Firefox, openSUSE Leap 15.0, and openSUSE Leap 15.1 are affected by CVE-2019-11725.

How does CVE-2019-11725 impact web browsing?