Vulnerability CVE-2024-7522: Information

Description

Editor code failed to check an attribute value. This could have led to an out-of-bounds read. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Published: Aug. 6, 2024
Modified: Aug. 12, 2024
Error type identifier: CWE-125

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
firefoxsisyphus129.0-alt1130.0-alt1ALT-PU-2024-10881-1354552Fixed
firefoxsisyphus_riscv64129.0-alt0.port129.0.2-alt0.portALT-PU-2024-11099-1-Fixed
firefoxsisyphus_loongarch64129.0-alt0.port130.0-alt0.portALT-PU-2024-11145-1-Fixed
firefoxp11130.0-alt1126.0.1-alt1ALT-PU-2024-12492-4357171Testing
firefox-esrsisyphus128.1.0-alt1128.2.0-alt1ALT-PU-2024-10877-2354542Fixed
firefox-esrsisyphus_loongarch64128.1.0-alt0.port128.1.0-alt0.portALT-PU-2024-11206-1-Fixed
firefox-esrp11128.2.0-alt1115.11.0-alt1ALT-PU-2024-12493-4357171Testing
thunderbirdsisyphus128.1.0-alt1128.2.1-alt1ALT-PU-2024-10883-1354621Fixed
thunderbirdsisyphus_loongarch64128.1.0-alt1128.2.0-alt1ALT-PU-2024-10969-1-Fixed
thunderbirdp11128.2.1-alt1115.9.0-alt1ALT-PU-2024-12895-2357171Testing

References to Advisories, Solutions, and Tools

    1. Configuration 1

      cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
      End excluding
      129.0

      cpe:2.3:a:mozilla:firefox_esr:128.0:*:*:*:*:*:*:*

      cpe:2.3:a:mozilla:thunderbird:128.0.1:*:*:*:*:*:*:*

      cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
      End excluding
      115.14.0

      cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
      End excluding
      115.14.0