{"containers":{"cna":{"affected":[{"product":"Firefox","vendor":"Mozilla","versions":[{"lessThan":"69","status":"affected","version":"unspecified","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69."}],"problemTypes":[{"descriptions":[{"description":"Content security policy directives ignore port and path if host is a wildcard","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2019-09-27T17:20:17.000Z","orgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","shortName":"mozilla"},"references":[{"tags":["x_refsource_MISC"],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1388015"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@mozilla.org","ID":"CVE-2019-11737","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Firefox","version":{"version_data":[{"version_affected":"<","version_value":"69"}]}}]},"vendor_name":"Mozilla"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any port or path restriction of the directive will be ignored, leading to CSP directives not being properly applied to content. This vulnerability affects Firefox < 69."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Content security policy directives ignore port and path if host is a wildcard"}]}]},"references":{"reference_data":[{"name":"https://bugzilla.mozilla.org/show_bug.cgi?id=1388015","refsource":"MISC","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1388015"},{"name":"https://www.mozilla.org/security/advisories/mfsa2019-25/","refsource":"CONFIRM","url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T23:03:32.672Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1388015"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.mozilla.org/security/advisories/mfsa2019-25/"}]}]},"cveMetadata":{"assignerOrgId":"f16b083a-5664-49f3-a51e-8d479e5ed7fe","assignerShortName":"mozilla","cveId":"CVE-2019-11737","datePublished":"2019-09-27T17:20:17.000Z","dateReserved":"2019-05-03T00:00:00.000Z","dateUpdated":"2024-08-04T23:03:32.672Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}