{"id":"CVE-2019-9813","details":"Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox \u003c 66.0.1, Firefox ESR \u003c 60.6.1, and Thunderbird \u003c 60.6.1.","modified":"2026-03-15T22:30:01.482237Z","published":"2019-04-26T17:29:04.163Z","related":["MGASA-2019-0129","MGASA-2019-0131","SUSE-SU-2019:0852-1","SUSE-SU-2019:0853-1","SUSE-SU-2019:0871-1","openSUSE-SU-2019:1077-1","openSUSE-SU-2019:1126-1","openSUSE-SU-2019:1162-1","openSUSE-SU-2024:10600-1","openSUSE-SU-2024:10601-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2019-12/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:0966"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1144"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2019-09/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2019-10/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1538006"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"60.6.1"}]},{"events":[{"introduced":"0"},{"fixed":"66.0.1"}]},{"events":[{"introduced":"0"},{"fixed":"60.6.1"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9813.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}