Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-6862-1
HistoryJul 03, 2024 - 12:00 a.m.

Firefox vulnerabilities

2024-07-0300:00:00
ubuntu.com
3
firefox
ubuntu 20.04
security issues
denial of service
sensitive information
arbitrary code
memory management
cve-2024-5689
cve-2024-5690
cve-2024-5691
cve-2024-5693
cve-2024-5697
cve-2024-5698
cve-2024-5699
cve-2024-5700
cve-2024-5701
lukas bernhard
irvan kurniawan

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

JSON

Releases

  • Ubuntu 20.04 LTS

Packages

  • firefox - Mozilla Open Source web browser

Details

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-5689,
CVE-2024-5690, CVE-2024-5691, CVE-2024-5693, CVE-2024-5697, CVE-2024-5698,
CVE-2024-5699, CVE-2024-5700, CVE-2024-5701)

Lukas Bernhard discovered that Firefox did not properly manage memory
during garbage collection. An attacker could potentially exploit this
issue to cause a denial of service, or execute arbitrary code.
(CVE-2024-5688)

Lukas Bernhard discovered that Firefox did not properly manage memory in
the JavaScript engine. An attacker could potentially exploit this issue to
obtain sensitive information. (CVE-2024-5694)

Irvan Kurniawan discovered that Firefox did not properly handle certain
allocations in the probabilistic heap checker. An attacker could
potentially exploit this issue to cause a denial of service.
(CVE-2024-5695)

Irvan Kurniawan discovered that Firefox did not properly handle certain
text fragments in input tags. An attacker could potentially exploit this
issue to cause a denial of service. (CVE-2024-5696)

OSVersionArchitecturePackageVersionFilename
Ubuntu20.04noarchfirefox< 127.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-dbg< 127.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-dev< 127.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-geckodriver< 127.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-af< 127.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-an< 127.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-ar< 127.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-as< 127.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-ast< 127.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Ubuntu20.04noarchfirefox-locale-az< 127.0.2+build1-0ubuntu0.20.04.1UNKNOWN
Rows per page:
1-10 of 991

Related

openvas 19
nessus 52
osv 14
mozilla 3
kaspersky 3
almalinux 4
oraclelinux 6
redhat 18
rocky 4
mageia 2
debian 1
ubuntu 1
slackware 1
cvelist 9
vulnrichment 7
ubuntucve 9
debiancve 12
nvd 9
wolfi 7
cve 8
alpinelinux 7
redhatcve 3
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2024-25) - Linux
2024-06-11 00:00:00
Mozilla Firefox Security Update (mfsa_2024-23_2024-26) - Mac OS X
2024-06-13 00:00:00
Ubuntu: Security Advisory (USN-6862-1)
2024-07-04 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6862-1)
2024-07-03 00:00:00
Mozilla Firefox < 127.0
2024-06-11 00:00:00
Mozilla Firefox < 127.0
2024-06-11 00:00:00
osv
osv
firefox vulnerabilities
2024-07-03 05:46:30
Important: thunderbird security update
2024-07-02 14:10:24
Important: firefox security update
2024-07-02 14:10:24
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 127 — Mozilla
2024-06-11 00:00:00
Security Vulnerabilities fixed in Firefox ESR 115.12 — Mozilla
2024-06-11 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.12 — Mozilla
2024-06-13 00:00:00
kaspersky
kaspersky
KLA68921 Multiple vulnerabilities in Mozilla Firefox
2024-06-11 00:00:00
KLA68920 Multiple vulnerabilities in Mozilla Firefox ESR
2024-06-11 00:00:00
KLA68933 Multiple vulnerabilities in Mozilla Thunderbird
2024-06-13 00:00:00
almalinux
almalinux
Important: firefox security update
2024-06-17 00:00:00
Important: thunderbird security update
2024-06-20 00:00:00
Important: thunderbird security update
2024-06-20 00:00:00
oraclelinux
oraclelinux
firefox security update
2024-06-17 00:00:00
firefox security update
2024-06-17 00:00:00
thunderbird security update
2024-06-20 00:00:00
redhat
redhat
(RHSA-2024:4002) Important: thunderbird security update
2024-06-20 05:19:56
(RHSA-2024:4015) Important: thunderbird security update
2024-06-20 06:45:17
(RHSA-2024:4018) Important: thunderbird security update
2024-06-20 10:16:00
rocky
rocky
firefox security update
2024-07-02 14:10:24
thunderbird security update
2024-07-02 14:10:24
thunderbird security update
2024-07-02 14:11:35
mageia
mageia
Updated nss & firefox packages fix security vulnerabilities
2024-06-16 02:07:50
Updated thunderbird packages fix security vulnerabilities
2024-06-22 20:32:46
debian
debian
[SECURITY] [DLA 3825-1] firefox-esr security update
2024-06-13 11:08:20
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-06-19 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2024-06-11 21:55:08
cvelist
cvelist
CVE-2024-5694
2024-06-11 12:40:17
CVE-2024-5698
2024-06-11 12:40:18
CVE-2024-5695
2024-06-11 12:40:17
vulnrichment
vulnrichment
CVE-2024-5694
2024-06-11 12:40:17
CVE-2024-5695
2024-06-11 12:40:17
CVE-2024-5689
2024-06-11 12:40:17
ubuntucve
ubuntucve
CVE-2024-5694
2024-06-11 00:00:00
CVE-2024-5698
2024-06-11 00:00:00
CVE-2024-5695
2024-06-11 00:00:00
debiancve
debiancve
CVE-2024-5698
2024-06-11 13:15:51
CVE-2024-5695
2024-06-11 13:15:51
CVE-2024-5694
2024-06-11 13:15:50
nvd
nvd
CVE-2024-5694
2024-06-11 13:15:50
CVE-2024-5698
2024-06-11 13:15:51
CVE-2024-5695
2024-06-11 13:15:51
wolfi
wolfi
CVE-2024-5694 vulnerabilities
2024-07-05 21:08:40
CVE-2024-5698 vulnerabilities
2024-07-05 21:08:40
CVE-2024-5695 vulnerabilities
2024-07-05 21:08:40
cve
cve
CVE-2024-5695
2024-06-11 13:15:51
CVE-2024-5694
2024-06-11 13:15:50
CVE-2024-5698
2024-06-11 13:15:51
alpinelinux
alpinelinux
CVE-2024-5698
2024-06-11 13:15:51
CVE-2024-5694
2024-06-11 13:15:50
CVE-2024-5695
2024-06-11 13:15:51
redhatcve
redhatcve
CVE-2024-5696
2024-06-11 20:54:16
CVE-2024-5700
2024-06-11 20:54:26
CVE-2024-5690
2024-06-11 20:53:36

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.4 High

AI Score

Confidence

High

JSON
Related for USN-6862-1
openvas19nessus52osv14mozilla3kaspersky3almalinux4oraclelinux6redhat18rocky4mageia2debian1ubuntu1slackware1cvelist9vulnrichment7ubuntucve9debiancve12nvd9wolfi7cve8alpinelinux7redhatcve3