Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-0743HistoryJan 23, 2024 - 2:15 p.m.
CVE-2024-0743
2024-01-2314:15:38
Debian Security Bug Tracker
security-tracker.debian.org
15
tls handshake
exploitable crash
firefox
thunderbird
cve-2024-0743
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.2%
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 122.0-1 | firefox_122.0-1_all.deb |
| Debian | 12 | all | firefox-esr | < 115.9.0esr-1~deb12u1 | firefox-esr_115.9.0esr-1~deb12u1_all.deb |
| Debian | 11 | all | firefox-esr | < 115.9.0esr-1~deb11u1 | firefox-esr_115.9.0esr-1~deb11u1_all.deb |
| Debian | 10 | all | firefox-esr | < 115.9.1esr-1~deb10u1 | firefox-esr_115.9.1esr-1~deb10u1_all.deb |
| Debian | 999 | all | firefox-esr | < 115.9.0esr-1 | firefox-esr_115.9.0esr-1_all.deb |
| Debian | 13 | all | firefox-esr | < 115.9.0esr-1 | firefox-esr_115.9.0esr-1_all.deb |
| Debian | 12 | all | nss | <= 2:3.87.1-1 | nss_2:3.87.1-1_all.deb |
| Debian | 11 | all | nss | <= 2:3.61-1+deb11u3 | nss_2:3.61-1+deb11u3_all.deb |
| Debian | 10 | all | nss | < 2:3.42.1-1+deb10u8 | nss_2:3.42.1-1+deb10u8_all.deb |
| Debian | 999 | all | nss | < 2:3.96.1-1 | nss_2:3.96.1-1_all.deb |
Related
alpinelinux
alpinelinux
CVE-2024-0743
2024-01-23 14:15:38
nvd
nvd
CVE-2024-0743
2024-01-23 14:15:38
veracode
veracode
Unchecked Return Value
2024-02-03 03:04:18
cvelist
cvelist
CVE-2024-0743
2024-01-23 13:48:20
redhatcve
redhatcve
CVE-2024-0743
2024-01-25 18:11:30
ubuntucve
ubuntucve
CVE-2024-0743
2024-01-23 00:00:00
cnvd
cnvd
Mozilla Firefox Denial of Service Vulnerability (CNVD-2024-10432)
2024-01-26 00:00:00
prion
prion
Code injection
2024-01-23 14:15:00
cve
cve
CVE-2024-0743
2024-01-23 14:15:38
nessus
nessus
Debian dla-3757 : libnss3 - security update
2024-03-11 00:00:00
CentOS 8 : thunderbird (CESA-2024:1494)
2024-04-08 00:00:00
RHEL 7 : thunderbird (RHSA-2024:1498)
2024-04-23 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3757-1)
2024-03-11 00:00:00
Mozilla Thunderbird Security Update (mfsa_2024-14) - Mac OS X
2024-03-25 00:00:00
Mozilla Firefox ESR Security Update (mfsa_2024-13) - Mac OS X
2024-03-25 00:00:00
osv
osv
nss - security update
2024-03-10 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
debian
debian
[SECURITY] [DLA 3757-1] nss security update
2024-03-11 05:37:41
[SECURITY] [DSA 5643-1] firefox-esr security update
2024-03-21 19:19:35
[SECURITY] [DSA 5644-1] thunderbird security update
2024-03-21 19:22:16
oraclelinux
oraclelinux
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-26 00:00:00
thunderbird security update
2024-03-25 00:00:00
redhat
redhat
(RHSA-2024:1496) Moderate: thunderbird security update
2024-03-25 18:33:37
(RHSA-2024:1498) Moderate: thunderbird security update
2024-03-25 18:33:53
(RHSA-2024:1499) Moderate: thunderbird security update
2024-03-25 18:34:00
almalinux
almalinux
Moderate: thunderbird security update
2024-03-25 00:00:00
Moderate: thunderbird security update
2024-03-25 00:00:00
Critical: firefox security update
2024-03-25 00:00:00
rocky
rocky
thunderbird security update
2024-03-27 04:34:32
firefox security update
2024-03-27 04:34:32
centos
centos
thunderbird security update
2024-04-03 14:01:39
firefox security update
2024-04-03 14:00:43
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-03-26 00:00:00
Firefox vulnerabilities
2024-01-29 00:00:00
Firefox regressions
2024-02-07 00:00:00
mageia
mageia
Updated thunderbird packages fix security vulnerabilities
2024-03-27 22:40:25
Updated nss firefox, nss packages fix security vulnerabilities
2024-03-27 22:24:13
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.9 — Mozilla
2024-03-19 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.9 — Mozilla
2024-03-19 00:00:00
Security Vulnerabilities fixed in Firefox 122 — Mozilla
2024-01-23 00:00:00
kaspersky
kaspersky
KLA65226 Multiple vulnerabilities in Mozilla Thunderbird
2024-03-19 00:00:00
KLA65225 Multiple vulnerabilities in Mozilla Firefox ESR
2024-03-19 00:00:00
KLA63223 Multiple vulnerabilities in Mozilla Firefox
2024-01-23 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2024-03-20 00:27:50
[slackware-security] mozilla-thunderbird
2024-03-20 00:28:21
gentoo
gentoo
Mozilla Firefox: Multiple Vulnerabilities
2024-02-19 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.2%
Related for DEBIANCVE:CVE-2024-0743