Arbitrary JavaScript execution in PDF.js. (CVE-2024-4367) IndexedDB files retained in private browsing mode. (CVE-2024-4767) Potential permissions request bypass via clickjacking. (CVE-2024-4768) Cross-origin responses could be distinguished between script and non-script content-types. (CVE-2024-4769) Use-after-free could occur when printing to PDF. (CVE-2024-4770) Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. (CVE-2024-4777)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 9 | noarch | thunderbird | < 115.11.0-1 | thunderbird-115.11.0-1.mga9 |
Mageia | 9 | noarch | thunderbird-l10n | < 115.11.0-1 | thunderbird-l10n-115.11.0-1.mga9 |