VDB
DEBIAN-CVE-2024-0753
DEBIAN-CVE-2024-0753
PUBLISHED
CVSS 6.5 MEDIUM
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
Risk Scores
CVSS v3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | firefox-esr | 102.6.0esr-1~deb11u1, 102.8.0, 102.7.0 |
| Debian:13 | firefox-esr | 0, 0, 0 |
| Debian:12 | firefox-esr | 102.15.0esr-1~deb10u1, 115.1.0esr-1, 115.0.2esr-1 |
| Debian:13 | thunderbird | 0, 0, 0 |
| Debian:14 | firefox-esr | 0, 0, 0 |
| Debian:12 | thunderbird | 1:102.11.0-1, 1:102.12.0-1, 1:102.12.0-1~deb10u1 |
| Debian:14 | thunderbird | 0, 0, 0 |
| Debian:11 | thunderbird | *, *, * |
Timeline
- Jan 23, 2024 CVE Published
- Apr 28, 2026 CVE Updated