VDB
CVE-2024-0748
CVE-2024-0748
PUBLISHED
CVSS 8.699999809265137 HIGH
Es bestehen mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird. Diese Fehler bestehen unter anderem in verschiedenen Komponenten wie WebAudio oder ANGLE. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen oder seine Privilegien zu erweitern. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.16% · 37.1th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.16%
37.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| RESF | RESF Rocky Linux | |
| Mozilla | Mozilla Firefox <122 | |
| Amazon | Amazon Linux 2 | |
| Fedora | Fedora Linux | |
| Debian | Debian Linux | |
| Ubuntu | Ubuntu Linux | |
| SUSE | SUSE openSUSE | |
| SUSE | SUSE Linux | |
| Mozilla | Mozilla Firefox ESR <115.7 | |
| Gentoo | Gentoo Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Oracle | Oracle Linux | |
| Mozilla | Mozilla Thunderbird <115.7 | |
| Open Source | Open Source CentOS |
Exploit Intelligence
Timeline
- Jan 23, 2024 CVE Published
- Jan 31, 2024 EPSS Score
- Feb 27, 2024 EPSS Score
- Mar 26, 2024 EPSS Score
- Apr 22, 2024 EPSS Score
- May 20, 2024 EPSS Score
- Jun 16, 2024 EPSS Score
- Jul 13, 2024 EPSS Score
- Aug 14, 2024 EPSS Score
- Sep 10, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 8, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0185.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0185 advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-01/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-02/ advisory
- https://www.mozilla.org/en-US/security/advisories/mfsa2024-04/ advisory
- https://lists.debian.org/debian-security-announce/2024/msg00013.html advisory
- https://lists.debian.org/debian-security-announce/2024/msg00012.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-January/017748.html advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-c8c2a52fb8 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2024-278a776610 advisory
- https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-January/017757.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-January/017758.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-January/017761.html advisory
- https://ubuntu.com/security/notices/USN-6610-1 advisory
- https://access.redhat.com/errata/RHSA-2024:0559 advisory
- https://access.redhat.com/errata/RHSA-2024:0605 advisory
- https://access.redhat.com/errata/RHSA-2024:0601 advisory
- https://access.redhat.com/errata/RHSA-2024:0608 advisory
- https://linux.oracle.com/errata/ELSA-2024-0603.html advisory
…and 37 more