RHSA-2024:1982LowCVSS 7.5
Red Hat Security Advisory: thunderbird security update
🔗 CVE IDs covered (8)
📋 Description
CVE-2024-2609 — Mozilla: Permission prompt input delay could expire when not in focus CVE-2024-3302 — Mozilla: Denial of Service using HTTP/2 CONTINUATION frames CVE-2024-3852 — Mozilla: GetBoundName in the JIT returned the wrong object CVE-2024-3854 — Mozilla: Out-of-bounds-read after mis-optimized switch statement CVE-2024-3857 — Mozilla: Incorrect JITting of arguments led to use-after-free during garbage collection CVE-2024-3859 — Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer CVE-2024-3861 — Mozilla: Potential use-after-free due to AlignedBuffer self-move CVE-2024-3864 — Mozilla: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10