Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-11708

Опубликовано: 26 нояб. 2024
Источник: redhat
CVSS3: 3.7
EPSS Низкий

Описание

Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure. This vulnerability affects Firefox < 133 and Thunderbird < 133.

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure.

Отчет

Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6firefoxOut of support scope
Red Hat Enterprise Linux 6thunderbirdOut of support scope
Red Hat Enterprise Linux 7firefoxOut of support scope
Red Hat Enterprise Linux 7thunderbirdOut of support scope
Red Hat Enterprise Linux 8firefoxFix deferred
Red Hat Enterprise Linux 8thunderbirdFix deferred
Red Hat Enterprise Linux 9firefoxFix deferred
Red Hat Enterprise Linux 9firefox:flatpak/firefoxFix deferred
Red Hat Enterprise Linux 9thunderbirdFix deferred
Red Hat Enterprise Linux 9thunderbird:flatpak/thunderbirdFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-820
https://bugzilla.redhat.com/show_bug.cgi?id=2328939firefox: thunderbird: Data race with PlaybackParams

EPSS

Процентиль: 14%
0.00045
Низкий

3.7 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-11708

CVSS3: 6.5
ubuntu
7 месяцев назад

Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure. This vulnerability affects Firefox < 133 and Thunderbird < 133.

nvd логотип

CVE-2024-11708

CVSS3: 6.5
nvd
7 месяцев назад

Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure. This vulnerability affects Firefox < 133 and Thunderbird < 133.

debian логотип

CVE-2024-11708

CVSS3: 6.5
debian
7 месяцев назад

Missing thread synchronization primitives could have led to a data rac ...

github логотип

GHSA-3r9h-5xmh-8j4q

CVSS3: 6.5
github
7 месяцев назад

Missing thread synchronization primitives could have led to a data race on members of the PlaybackParams structure. This vulnerability affects Firefox < 133 and Thunderbird < 133.

fstec логотип

BDU:2025-00071

CVSS3: 6.5
fstec
7 месяцев назад

Уязвимость класса PlaybackParams браузера Mozilla Firefox и почтового клиента Thunderbird, позволяющая нарушителю получить доступ к конфиденциальным данным

EPSS

Процентиль: 14%
0.00045
Низкий

3.7 Low

CVSS3

Уязвимость CVE-2024-11708