Products
Thunderbird
- < 128.3
- < 131
Firefox
- < 131
- < 128.3
Source
security@mozilla.org
Tags
CVE-2024-9399 details
Published : Oct. 1, 2024, 4:15 p.m.
Last Modified : Oct. 1, 2024, 4:15 p.m.
Last Modified : Oct. 1, 2024, 4:15 p.m.
Description
A website configured to initiate a specially crafted WebTransport session could crash the Firefox process leading to a denial of service condition. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVSS Score
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
References
URL | Source |
---|---|
https://bugzilla.mozilla.org/show_bug.cgi?id=1907726 | security@mozilla.org |
https://www.mozilla.org/security/advisories/mfsa2024-46/ | security@mozilla.org |
https://www.mozilla.org/security/advisories/mfsa2024-47/ | security@mozilla.org |
https://www.mozilla.org/security/advisories/mfsa2024-49/ | security@mozilla.org |
https://www.mozilla.org/security/advisories/mfsa2024-50/ | security@mozilla.org |
This website uses the NVD API, but is not approved or certified by it.