SUSE: CVE-2024-9397: SUSE Linux Security Advisory

发布于3月6日3月6日

Members

SUSE: CVE-2024-9397: SUSE Linux Security Advisory

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

10/01/2024

Created

01/01/2025

Added

12/31/2024

Modified

01/28/2025

Description

A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.

Solution(s)

suse-upgrade-mozillafirefox
suse-upgrade-mozillafirefox-branding-upstream
suse-upgrade-mozillafirefox-devel
suse-upgrade-mozillafirefox-translations-common
suse-upgrade-mozillafirefox-translations-other
suse-upgrade-mozillathunderbird
suse-upgrade-mozillathunderbird-translations-common
suse-upgrade-mozillathunderbird-translations-other

References

https://attackerkb.com/topics/cve-2024-9397
CVE - 2024-9397

引用

Mention

登录

SUSE: CVE-2024-9397: SUSE Linux Security Advisory

recommended_posts

SUSE: CVE-2024-9397: SUSE Linux Security Advisory

Description

Solution(s)

References

参与讨论

欢迎来到红帽社区

帐户

导航

搜索