7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
42.2%
Crash in NSS TLS method. (CVE-2024-0743) JIT code failed to save return registers on Armv7-A. (CVE-2024-2607) Integer overflow could have led to out of bounds write. (CVE-2024-2608) Improve handling of out-of-memory conditions in ICU. (CVE-2024-2616) NSS susceptible to timing attack against RSA decryption. (CVE-2023-5388) Improper handling of html and body tags enabled CSP nonce leakage. (CVE-2024-2610) Clickjacking vulnerability could have led to a user accidentally granting permissions. (CVE-2024-2611) Self referencing object could have potentially led to a use-after-free. (CVE-2024-2612) Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. (CVE-2024-2614)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 9 | noarch | thunderbird | < 115.9.0-1 | thunderbird-115.9.0-1.mga9 |
Mageia | 9 | noarch | thunderbird-l10n | < 115.9.0-1 | thunderbird-l10n-115.9.0-1.mga9 |