CVE-2024-2613

Опубликовано: 19 мар. 2024

Источник: debian

EPSS Низкий

Описание

Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox < 124.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
firefox	fixed	124.0-1		package

Примечания

https://www.mozilla.org/en-US/security/advisories/mfsa2024-12/#CVE-2024-2613

EPSS

Процентиль: 33%

0.0013

Низкий

Связанные уязвимости

CVE-2024-2613

CVSS3: 7.5

ubuntu

больше 1 года назад

Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox < 124.

CVE-2024-2613

CVSS3: 7.5

nvd

больше 1 года назад

Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox < 124.

GHSA-pvg5-mc56-6fv7

CVSS3: 7.5

github

больше 1 года назад

Data was not properly sanitized when decoding a QUIC ACK frame; this could have led to unrestricted memory consumption and a crash. This vulnerability affects Firefox < 124.

BDU:2024-02360

CVSS3: 7.5

fstec

больше 1 года назад

Уязвимость браузера Mozilla Firefox, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 33%

0.0013

Низкий