Lucene search
HistoryApr 16, 2024 - 4:15 p.m.
CVE-2024-3854
out-of-bounds-reads
firefox
vulnerability
nvd
code pattern
In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
| mozilla | firefox_esr | * | cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
References
bugzilla.mozilla.org/show_bug.cgi?id=1884552
lists.debian.org/debian-lts-announce/2024/04/msg00012.html
lists.debian.org/debian-lts-announce/2024/04/msg00013.html
www.mozilla.org/security/advisories/mfsa2024-18/
www.mozilla.org/security/advisories/mfsa2024-19/
www.mozilla.org/security/advisories/mfsa2024-20/
Related
cgr
cgr
CVE-2024-3854 vulnerabilities
2024-05-18 03:08:02
debiancve
debiancve
CVE-2024-3854
2024-04-16 16:15:08
redhatcve
redhatcve
CVE-2024-3854
2024-04-17 19:53:30
ubuntucve
ubuntucve
CVE-2024-3854
2024-04-16 00:00:00
veracode
veracode
Out-of-Bounds-Read
2024-04-19 01:24:44
cvelist
cvelist
CVE-2024-3854
2024-04-16 15:14:05
nessus
nessus
AlmaLinux 9 : firefox (ALSA-2024:1908)
2024-04-23 00:00:00
Amazon Linux 2 : firefox (ALASFIREFOX-2024-024)
2024-04-30 00:00:00
Oracle Linux 9 : firefox (ELSA-2024-1908)
2024-04-19 00:00:00
rocky
rocky
firefox security update
2024-05-10 14:32:42
firefox security update
2024-05-06 13:04:21
oraclelinux
oraclelinux
firefox security update
2024-04-19 00:00:00
firefox security update
2024-04-19 00:00:00
firefox security update
2024-04-18 00:00:00
osv
osv
Important: firefox security update
2024-04-18 00:00:00
Important: firefox security update
2024-05-06 13:04:21
Important: firefox security update
2024-05-10 14:32:42
almalinux
almalinux
Important: firefox security update
2024-04-18 00:00:00
Important: firefox security update
2024-04-18 00:00:00
redhat
redhat
(RHSA-2024:1908) Important: firefox security update
2024-04-18 09:05:44
(RHSA-2024:1906) Important: firefox security update
2024-04-18 09:05:27
(RHSA-2024:1909) Important: firefox security update
2024-04-18 09:05:52
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-04-25 00:00:00
Firefox regressions
2024-05-02 00:00:00
Firefox vulnerabilities
2024-04-24 00:00:00
debian
debian
[SECURITY] [DSA 5663-1] firefox-esr security update
2024-04-17 17:21:09
[SECURITY] [DLA 3791-1] thunderbird security update
2024-04-22 08:49:30
[SECURITY] [DLA 3790-1] firefox-esr security update
2024-04-19 10:40:02
openvas
openvas
Debian: Security Advisory (DLA-3791-1)
2024-04-22 00:00:00
Debian: Security Advisory (DSA-5670-1)
2024-04-22 00:00:00
Debian: Security Advisory (DLA-3790-1)
2024-04-22 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.10 — Mozilla
2024-04-16 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.10 — Mozilla
2024-04-16 00:00:00
Security Vulnerabilities fixed in Firefox 125 — Mozilla
2024-04-16 00:00:00
mageia
mageia
Updated thunderbird packages fix security vulnerabilities
2024-04-27 03:37:18
Updated firefox packages fix security vulnerabilities
2024-04-27 09:26:16
slackware
slackware
[slackware-security] mozilla-firefox
2024-04-16 18:53:34
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2024-05-12 00:00:00