Описание
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
The Mozilla Foundation Security Advisory describes this flaw as:
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin
Отчет
Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 6 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 7 Extended Lifecycle Support | firefox | Fixed | RHSA-2024:4508 | 11.07.2024 |
| Red Hat Enterprise Linux 8 | firefox | Fixed | RHSA-2024:4517 | 11.07.2024 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2024:4635 | 18.07.2024 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | firefox | Fixed | RHSA-2024:4586 | 17.07.2024 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | thunderbird | Fixed | RHSA-2024:4717 | 23.07.2024 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | firefox | Fixed | RHSA-2024:4610 | 18.07.2024 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | thunderbird | Fixed | RHSA-2024:4671 | 22.07.2024 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | firefox | Fixed | RHSA-2024:4610 | 18.07.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.1 Medium
CVSS3
Связанные уязвимости
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.
A race condition could lead to a cross-origin container obtaining perm ...
A race condition could lead to a cross-origin container obtaining permissions of the top-level origin. This vulnerability affects Firefox < 128 and Firefox ESR < 115.13.
Уязвимость браузеров Mozilla Firefox, Mozilla Firefox ESR, почтового клиента Mozilla Thunderbird, связанная с неправильным сохранением разрешений, позволяющая нарушителю повысить свои привилегии
EPSS
6.1 Medium
CVSS3