vulnerability

Debian: CVE-2019-13075: firefox-esr -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Jun 30, 2019	Jul 30, 2024	Mar 30, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Jun 30, 2019

Added

Jul 30, 2024

Modified

Mar 30, 2026

Description

Tor Browser through 8.5.3 has an information exposure vulnerability. It allows remote attackers to detect the browser's language via vectors involving an IFRAME element, because text in that language is included in the title attribute of a LINK element for a non-HTML page. This is related to a behavior of Firefox before 68.

Solution

debian-upgrade-firefox-esr

References

CVE-2019-13075
https://attackerkb.com/topics/CVE-2019-13075
CWE-200
EUVD-EUVD-2019-4626
https://euvd.enisa.europa.eu/vulnerability/EUVD-2019-4626

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report