CVE-2019-17014: High severity firefox vulnerability
Published Dec 3, 2019
·Updated
If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak.
Affected Software
3 affected componentsFixes available
Mozilla Firefox<71
71
Mozilla Firefox<71.0
debian/firefox
138.0.1-1
Event History
Dec 3, 2019
CVE Published
12:00 AM
Jan 8, 2020
CVE Published
via MITRE·09:25 PM
Data Sourced
via MITRE·09:25 PM
DescriptionWeakness
Jan 11, 2024
Data Sourced
via Launchpad·11:21 PM
Description
Sep 16, 2024
Data Sourced
via Ubuntu·02:11 AM
RemedyDescriptionSeverityAffected Software
Mar 27, 2025
Data Sourced
via Debian·04:05 AM
DescriptionAffected Software
Peer vulnerabilities
Found alongside the following vulnerabilities.
Frequently Asked Questions
1
What is the vulnerability ID?
The vulnerability ID is CVE-2019-17014.
2
What is the severity of CVE-2019-17014?
The severity of CVE-2019-17014 is high with a score of 7.4.
3
Which software is affected by CVE-2019-17014?
The Mozilla Firefox browser versions less than 71 are affected by CVE-2019-17014.
4
How can I fix CVE-2019-17014?
Update your Mozilla Firefox browser to version 71 or higher to fix CVE-2019-17014.
5
Where can I find more information about CVE-2019-17014?
You can find more information about CVE-2019-17014 at the following references: [Bugzilla](https://bugzilla.mozilla.org/show_bug.cgi?id=1322864), [Mozilla Security Advisory](https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/)