CVE-2019-11707
Mozilla Firefox and Thunderbird Type Confusion Vulnerability
CVSS
—
No CVSS
EPSS
38.0%
p98
KEV
YES
May 23, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
38.0%EPSS · 30 days38.0%
2026-06-302026-07-16
Product
Mozilla / Firefox and Thunderbird
Vulnerability
Mozilla Firefox and Thunderbird Type Confusion Vulnerability
Added to KEV
May 23, 2022
Remediate by
Jun 13, 2022
Known ransomware use
No
Summary description
Mozilla Firefox and Thunderbird contain a type confusion vulnerability that can occur when manipulating JavaScript objects due to issues in Array.pop, allowing for an exploitable crash.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-11707
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2013-1690—99.3%
KEV—80Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability—CVE-2019-11708—98.9%
KEV—80Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability—CVE-2019-17026—98.6%
KEV—80Mozilla Firefox And Thunderbird Type Confusion Vulnerability—CVE-2020-6820—92.8%
KEV—78Mozilla Firefox And Thunderbird Use-After-Free Vulnerability—CVE-2020-6819—85.7%
KEV—76Mozilla Firefox And Thunderbird Use-After-Free Vulnerability—