CVE-2024-6612
EUVD-2024-4767409.07.2024, 15:15
CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 𝑥 < 128.0 |
| mozilla | thunderbird | 𝑥 < 128.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| mozilla | firefox | 𝑥 < 128 | ADP |
| mozilla | thunderbird | 𝑥 < 128 | ADP |
Ubuntu Releases
Ubuntu Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||||
| thunderbird |
| ||||||||||
| mozjs38 |
| ||||||||||
| mozjs52 |
| ||||||||||
| mozjs68 |
| ||||||||||
| mozjs78 |
| ||||||||||
| mozjs91 |
| ||||||||||
| mozjs102 |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| MozillaFirefox |
| ||||||||||||||||||||||||||||||||||||
| MozillaFirefox-branding-SLE-128 |
| ||||||||||||||||||||||||||||||||||||
| MozillaFirefox-devel |
| ||||||||||||||||||||||||||||||||||||
| MozillaFirefox-translations-common |
| ||||||||||||||||||||||||||||||||||||
| MozillaFirefox-translations-other |
| ||||||||||||||||||||||||||||||||||||
| MozillaThunderbird |
| ||||||||||||||||||||||||||||||||||||
| MozillaThunderbird-translations-common |
| ||||||||||||||||||||||||||||||||||||
| MozillaThunderbird-translations-other |
|
Common Weakness Enumeration
References