CVE-2019-9797

MEDIUM

Firefox < 66 - Info Disclosure

Title source: llm

Description

Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then rendering the resulting bitmap image within a canvas element. This vulnerability affects Firefox < 66.

References (19)

Scores

CVSS v3 5.3
EPSS 0.0049
EPSS Percentile 65.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE
CWE-346
Status published

Affected Products (1)

mozilla/firefox < 66.0

Timeline

Published Apr 26, 2019
Tracked Since Feb 18, 2026