Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-6609HistoryJul 09, 2024 - 3:15 p.m.
CVE-2024-6609
2024-07-0915:15:12
Debian Security Bug Tracker
security-tracker.debian.org
8
elliptic curve
memory allocation
vulnerability
firefox
unix
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
30.6%
When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 128.0-1 | firefox_128.0-1_all.deb |
| Debian | 12 | all | nss | <= 2:3.87.1-1 | nss_2:3.87.1-1_all.deb |
| Debian | 11 | all | nss | <= 2:3.61-1+deb11u3 | nss_2:3.61-1+deb11u3_all.deb |
| Debian | 999 | all | nss | < 2:3.101-1 | nss_2:3.101-1_all.deb |
| Debian | 13 | all | nss | < 2:3.101-1 | nss_2:3.101-1_all.deb |
Related
osv
osv
CGA-2xxv-97p2-h22f
2024-07-15 21:51:30
CVE-2024-6609
2024-07-10 00:00:00
firefox vulnerabilities
2024-07-10 05:51:27
cvelist
cvelist
CVE-2024-6609
2024-07-09 14:25:59
nvd
nvd
CVE-2024-6609
2024-07-09 15:15:12
vulnrichment
vulnrichment
CVE-2024-6609
2024-07-09 14:25:59
cve
cve
CVE-2024-6609
2024-07-09 15:15:12
ubuntucve
ubuntucve
CVE-2024-6609
2024-07-10 00:00:00
wolfi
wolfi
CVE-2024-6609 vulnerabilities
2024-09-18 21:11:55
freebsd
freebsd
firefox -- multiple vulnerabilities
2024-08-06 00:00:00
nessus
nessus
FreeBSD : firefox -- multiple vulnerabilities (5e4d7172-66b8-11ef-b104-b42e991fc52e)
2024-08-30 00:00:00
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6890-1)
2024-07-10 00:00:00
Mozilla Firefox < 128.0
2024-07-09 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2024-07-10 00:00:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2024-29) - Linux
2024-07-10 00:00:00
Ubuntu: Security Advisory (USN-6890-1)
2024-07-10 00:00:00
Mozilla Firefox Security Update (mfsa_2024-29) - Windows
2024-07-11 00:00:00
kaspersky
kaspersky
KLA70478 Multiple vulnerabilities in Mozilla Thunderbird
2024-07-11 00:00:00
KLA70406 Multiple vulnerabilities in Mozilla Firefox
2024-07-09 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 128 — Mozilla
2024-07-11 00:00:00
Security Vulnerabilities fixed in Firefox 128 — Mozilla
2024-07-09 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
30.6%
Related for DEBIANCVE:CVE-2024-6609