VulnerableCode Package Details - pkg:rpm/redhat/firefox@128.3.0-1?arch=el9

Search for packages

Vulnerability	Summary	Fixed by
VCID-7wvh-upas-2bgh Aliases: CVE-2024-9394	An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions.	There are no reported fixed by versions.
VCID-jebk-6hja-ukfc Aliases: CVE-2024-9402	Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.	There are no reported fixed by versions.
VCID-ka9e-ps8e-ryc8 Aliases: CVE-2024-9392	Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.	There are no reported fixed by versions.
VCID-kx3j-abfc-qfh2 Aliases: CVE-2024-9393	An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions.	There are no reported fixed by versions.
VCID-z6yt-va55-s3ey Aliases: CVE-2024-9401	Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-7wvh-upas-2bgh
Aliases:
CVE-2024-9394

An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions.