DEBIAN-CVE-2024-0742

DEBIAN-CVE-2024-0742 PUBLISHED CVSS 4.300000190734863 MEDIUM

It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

Risk Scores

CVSS v3.1

4.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products

Vendor	Product	Versions
Debian:14	firefox-esr	0, 0, 0
Debian:13	thunderbird	0, 0, 0
Debian:14	thunderbird	0, 0, 0
Debian:12	firefox-esr	115.6.0esr-1, 115.5.0esr-1~deb12u1, 115.5.0esr-1~deb11u1
Debian:12	thunderbird	1:103.0~b5-1, 1:110.0~b4-1, 1:112.0~b1-1
Debian:11	firefox-esr	91.9.1esr-1, 0, 102.1.0esr-1
Debian:13	firefox-esr	0, 0, 0
Debian:11	thunderbird	1:91.3.0-1, 1:91.2.0-1, *

Timeline

Jan 23, 2024 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2024-0742 advisory

Open in Interactive Console →