CVE Vulnerabilities

CVE-2024-6611

Published: Jul 09, 2024 | Modified: Oct 25, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128.

Affected Software

Name Vendor Start Version End Version
Firefox Ubuntu focal *
Mozjs102 Ubuntu devel *
Mozjs102 Ubuntu esm-apps/noble *
Mozjs102 Ubuntu jammy *
Mozjs102 Ubuntu mantic *
Mozjs102 Ubuntu noble *
Mozjs102 Ubuntu upstream *
Mozjs38 Ubuntu esm-apps/bionic *
Mozjs38 Ubuntu upstream *
Mozjs52 Ubuntu esm-apps/focal *
Mozjs52 Ubuntu esm-infra/bionic *
Mozjs52 Ubuntu focal *
Mozjs52 Ubuntu upstream *
Mozjs68 Ubuntu focal *
Mozjs68 Ubuntu upstream *
Mozjs78 Ubuntu esm-apps/jammy *
Mozjs78 Ubuntu jammy *
Mozjs78 Ubuntu upstream *
Mozjs91 Ubuntu jammy *
Mozjs91 Ubuntu upstream *
Thunderbird Ubuntu mantic *

References