CVE-2024-10465

Опубликовано: 29 окт. 2024

Источник: debian

Описание

A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

Пакеты

Пакет	Статус	Версия исправления	Тип
firefox	fixed	132.0-1	package
firefox-esr	fixed	128.4.0esr-1	package
thunderbird	fixed	1:128.4.0esr-1	package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/#CVE-2024-10465
https://www.mozilla.org/en-US/security/advisories/mfsa2024-56/#CVE-2024-10465
https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/#CVE-2024-10465

Связанные уязвимости

CVE-2024-10465

CVSS3: 6.5

ubuntu

8 месяцев назад

A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

CVE-2024-10465

CVSS3: 4.3

redhat

8 месяцев назад

A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

CVE-2024-10465

CVSS3: 6.5

nvd

8 месяцев назад

A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

GHSA-jx2m-9x57-vwr5

CVSS3: 7.5

github

8 месяцев назад

A clipboard "paste" button could persist across tabs which allowed a spoofing attack. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

BDU:2025-00972

CVSS3: 6.5

fstec

8 месяцев назад

Уязвимость веб-браузеров Firefox и Firefox ESR, почтового клиента Thunderbird, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю оказать воздействие на целостность защищаемой информации