Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-3302

Опубликовано: 16 апр. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 3.7

Описание

There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

РелизСтатусПримечание
devel

not-affected

code not present
esm-infra/focal

DNE

focal

released

125.0.2+build1-0ubuntu0.20.04.2
jammy

not-affected

code not present
mantic

not-affected

code not present
noble

not-affected

code not present
upstream

needs-triage

Показывать по

РелизСтатусПримечание
devel

ignored

esm-apps/noble

ignored

esm-infra/focal

DNE

focal

DNE

jammy

ignored

mantic

ignored

end of life, was needs-triage
noble

ignored

upstream

ignored

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/bionic

ignored

esm-infra/focal

DNE

focal

DNE

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/focal

ignored

esm-infra/bionic

ignored

focal

ignored

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

ignored

focal

ignored

jammy

DNE

mantic

DNE

noble

DNE

upstream

ignored

Показывать по

РелизСтатусПримечание
devel

DNE

esm-apps/jammy

ignored

esm-infra/focal

DNE

focal

DNE

jammy

ignored

mantic

DNE

noble

DNE

upstream

ignored

Показывать по

РелизСтатусПримечание
devel

DNE

esm-infra/focal

DNE

focal

DNE

jammy

ignored

mantic

DNE

noble

DNE

upstream

ignored

Показывать по

РелизСтатусПримечание
devel

not-affected

code not present
esm-infra/focal

DNE

focal

released

1:115.10.1+build1-0ubuntu0.20.04.1
jammy

released

1:115.10.1+build1-0ubuntu0.22.04.1
mantic

released

1:115.10.1+build1-0ubuntu0.23.10.1
noble

not-affected

code not present
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 27%
0.00097
Низкий

3.7 Low

CVSS3

Связанные уязвимости

redhat логотип

CVE-2024-3302

CVSS3: 3.7
redhat
больше 1 года назад

There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

nvd логотип

CVE-2024-3302

CVSS3: 3.7
nvd
больше 1 года назад

There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

debian логотип

CVE-2024-3302

CVSS3: 3.7
debian
больше 1 года назад

There was no limit to the number of HTTP/2 CONTINUATION frames that wo ...

rocky логотип

RLSA-2024:1940

rocky
больше 1 года назад

Low: thunderbird security update

rocky логотип

RLSA-2024:1939

rocky
больше 1 года назад

Low: thunderbird security update

EPSS

Процентиль: 27%
0.00097
Низкий

3.7 Low

CVSS3

Уязвимость CVE-2024-3302