CVE-2019-17021
CVSS v3.1
5.3 (Medium)
CVSS v2.0
2.6 (Low)
EPSS
0.79 % (82th)
Affected Products
4
Advisories
9
During the initialization of a new content process, a race condition occurs that can allow a content process to disclose heap addresses from the parent process. Note: this issue only occurs on Windows. Other operating systems are unaffected.. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Weaknesses
- CWE-362
- Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2020-01-08 22:15:12
(4 years ago) - Updated Date
-
2022-01-01 20:02:27
(2 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
AND |
|
---|
Configuration #2
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...