Lucene search
Redhat.comRH:CVE-2024-3302HistoryApr 18, 2024 - 4:55 p.m.
CVE-2024-3302
2024-04-1816:55:04
redhat.com
access.redhat.com
22
mozilla foundation
security advisory
out of memory
http/2
CVSS3
3.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
7.1
Confidence
Low
EPSS
0
Percentile
10.3%
The Mozilla Foundation Security Advisory describes this flaw as: There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser.
Related
cvelist
cvelist
CVE-2024-3302
2024-04-16 15:14:09
debiancve
debiancve
CVE-2024-3302
2024-04-16 16:15:08
almalinux
almalinux
Low: thunderbird security update
2024-04-22 00:00:00
Low: thunderbird security update
2024-04-22 00:00:00
cve
cve
CVE-2024-3302
2024-04-16 16:15:08
nessus
nessus
Rocky Linux 8 : thunderbird (RLSA-2024:1939)
2024-05-06 00:00:00
Oracle Linux 9 : owO: / thunderbird (ELSA-2024-1940)
2024-04-24 00:00:00
Oracle Linux 7 : thunderbird (ELSA-2024-1935)
2024-04-23 00:00:00
oraclelinux
oraclelinux
owO: thunderbird security update
2024-04-23 00:00:00
thunderbird security update
2024-04-22 00:00:00
thunderbird security update
2024-04-22 00:00:00
osv
osv
Low: thunderbird security update
2024-05-10 14:32:42
CGA-7pvm-369p-x5vq
2024-06-06 12:23:28
Low: thunderbird security update
2024-05-06 13:04:21
rocky
rocky
thunderbird security update
2024-05-06 13:04:21
thunderbird security update
2024-05-10 14:32:42
ubuntucve
ubuntucve
CVE-2024-3302
2024-04-16 00:00:00
cgr
cgr
CVE-2024-3302 vulnerabilities
2024-05-19 03:07:16
veracode
veracode
HTTP/2 CONTINUATION Frame Processing
2024-04-19 09:31:42
nvd
nvd
CVE-2024-3302
2024-04-16 16:15:08
vulnrichment
vulnrichment
CVE-2024-3302
2024-04-16 15:14:09
redos
redos
ROS-20240815-06
2024-08-15 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2024-07-06 00:00:00
Mozilla Thunderbird: Multiple Vulnerabilities
2024-05-12 00:00:00
Mozilla Firefox: Multiple Vulnerabilities
2024-08-06 00:00:00
redhat
redhat
(RHSA-2024:1934) Low: thunderbird security update
2024-04-22 07:59:55
(RHSA-2024:1937) Low: thunderbird security update
2024-04-22 08:00:16
(RHSA-2024:1911) Important: firefox security update
2024-04-18 09:16:03
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-04-25 00:00:00
Firefox regressions
2024-05-02 00:00:00
Firefox vulnerabilities
2024-04-24 00:00:00
debian
debian
[SECURITY] [DSA 5663-1] firefox-esr security update
2024-04-17 17:21:09
[SECURITY] [DSA 5670-1] thunderbird security update
2024-04-22 07:42:03
[SECURITY] [DLA 3791-1] thunderbird security update
2024-04-22 08:49:04
openvas
openvas
Debian: Security Advisory (DSA-5663-1)
2024-04-18 00:00:00
Mozilla Firefox ESR Security Update (mfsa_2024-19) - Mac OS X
2024-04-17 00:00:00
Debian: Security Advisory (DLA-3790-1)
2024-04-22 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2024-04-16 18:53:34
mageia
mageia
Updated firefox packages fix security vulnerabilities
2024-04-27 09:26:16
Updated thunderbird packages fix security vulnerabilities
2024-04-27 03:37:18
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.10 — Mozilla
2024-04-16 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.10 — Mozilla
2024-04-16 00:00:00
Security Vulnerabilities fixed in Firefox 125 — Mozilla
2024-04-16 00:00:00
kaspersky
kaspersky
KLA65640 Multiple vulnerabilities in Mozilla Firefox ESR
2024-04-16 00:00:00
KLA65693 Multiple vulnerabilities in Mozilla Thunderbird
2024-04-16 00:00:00
KLA65639 Multiple vulnerabilities in Mozilla Firefox
2024-04-16 00:00:00
ibm
ibm
CVSS3
3.7
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
7.1
Confidence
Low
EPSS
0
Percentile
10.3%
Related for RH:CVE-2024-3302