vulnerability

Red Hat: CVE-2019-17014: Mozilla: Dragging and dropping a cross-origin resource, incorrectly loaded as an image, could result in information disclosure

Name: Red Hat: CVE-2019-17014: Mozilla: Dragging and dropping a cross-origin resource, incorrectly loaded as an image, could result in information disclosure
Creator: Red Hat
Published: 2020-01-08T00:00:00.000Z
Keywords: CVE, Red Hat, 2019, 17014, Mozilla, no-fix-redhat-rpm-package, Severity 4

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Jan 8, 2020

Added

Jul 9, 2025

Modified

Jul 9, 2025

Description

If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox < 71.

Solution

no-fix-redhat-rpm-package

References

NVD-CVE-2019-17014

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report