VDB
DEBIAN-CVE-2024-2609
DEBIAN-CVE-2024-2609
PUBLISHED
CVSS 6.099999904632568 MEDIUM
The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR < 115.10, and Thunderbird < 115.10.
Risk Scores
CVSS v3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | firefox-esr | 0, 0 |
| Debian:11 | thunderbird | 102.7.1-1, 102.7.1+1, 102.7.2-1 |
| Debian:13 | thunderbird | 0, 0 |
| Debian:12 | firefox-esr | 0, 102.11.0esr-1, 102.12.0esr-1 |
| Debian:13 | firefox-esr | 0, 0 |
| Debian:12 | thunderbird | 1:102.14.0-1~deb10u1, 1:102.13.1-1~deb12u1, 1:102.13.1-1~deb10u1 |
| Debian:14 | thunderbird | 0, 0 |
| Debian:11 | firefox-esr | 102.10.0, 102.11.0, 102.11.0 |
Timeline
- Mar 19, 2024 CVE Published
- Apr 28, 2026 CVE Updated