CVE-2019-11737: Medium severity firefox vulnerability

Q: What is CVE-2019-11737?

CVE-2019-11737 is a vulnerability that affects Mozilla Firefox versions up to and including version 69.

Q: What is the severity of CVE-2019-11737?

CVE-2019-11737 has a low severity rating.

Q: How does CVE-2019-11737 impact Content Security Policy (CSP) directives?

If a wildcard (*) is specified for the host in CSP directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content.

Q: Which software is affected by CVE-2019-11737?

Mozilla Firefox versions up to and including version 69 are affected by CVE-2019-11737.

Q: How can I fix the CVE-2019-11737 vulnerability?

Update your Mozilla Firefox browser to version 69 or higher to fix the CVE-2019-11737 vulnerability.

Published Sep 3, 2019

Updated

If a wildcard ('') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content.

Affected Software

3 affected componentsFixes available

debian/firefox

132.0.2-1

Mozilla Firefox<69

Mozilla Firefox<69.0

Event History

Sep 3, 2019

CVE Published

12:00 AM

Sep 27, 2019

CVE Published

via MITRE·05:20 PM

Data Sourced

via MITRE·05:20 PM

DescriptionWeakness

Aug 12, 2024

Data Sourced

via Launchpad·11:13 PM

Description

Sep 21, 2024

Data Sourced

via Ubuntu·11:20 PM

RemedyDescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

MFSA2019-25

Peer vulnerabilities

Found alongside the following vulnerabilities.

Frequently Asked Questions

What is CVE-2019-11737?

CVE-2019-11737 is a vulnerability that affects Mozilla Firefox versions up to and including version 69.

What is the severity of CVE-2019-11737?

CVE-2019-11737 has a low severity rating.

How does CVE-2019-11737 impact Content Security Policy (CSP) directives?

If a wildcard (*) is specified for the host in CSP directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content.

Which software is affected by CVE-2019-11737?

Mozilla Firefox versions up to and including version 69 are affected by CVE-2019-11737.

How can I fix the CVE-2019-11737 vulnerability?

Update your Mozilla Firefox browser to version 69 or higher to fix the CVE-2019-11737 vulnerability.

CVE-2019-11737: Medium severity firefox vulnerability

Affected Software

Event History

Parent advisories

Peer vulnerabilities

Don't miss critical vulnerabilities

Frequently Asked Questions

What is CVE-2019-11737?

What is the severity of CVE-2019-11737?

How does CVE-2019-11737 impact Content Security Policy (CSP) directives?

Which software is affected by CVE-2019-11737?

How can I fix the CVE-2019-11737 vulnerability?

Company

Resources

Contact