VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-8d8u-z2wc-aaaj

Essentials
Severities (80)
References (48)
Severity details (18)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-8d8u-z2wc-aaaj
Aliases	CVE-2024-0741
Summary	An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-787

Out-of-bounds Write

System	Score	Found at
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0741.json
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00056	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00083	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00083	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00083	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.00083	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.20427	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.20427	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.20427	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.20427	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.20427	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.20427	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.20427	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.20427	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.20427	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.20427	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.34367	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.40766	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
epss	0.44699	https://api.first.org/data/v1/epss?cve=CVE-2024-0741
cvssv3.1	6.5	https://bugzilla.mozilla.org/show_bug.cgi?id=1864587
ssvc	Track	https://bugzilla.mozilla.org/show_bug.cgi?id=1864587
cvssv3.1	6.5	https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
cvssv3.1	6.5	https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
ssvc	Track	https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
cvssv3	6.5	https://nvd.nist.gov/vuln/detail/CVE-2024-0741
cvssv3.1	6.5	https://nvd.nist.gov/vuln/detail/CVE-2024-0741
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2024-01
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2024-02
generic_textual	high	https://www.mozilla.org/en-US/security/advisories/mfsa2024-04
cvssv3.1	6.5	https://www.mozilla.org/security/advisories/mfsa2024-01/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2024-01/
cvssv3.1	6.5	https://www.mozilla.org/security/advisories/mfsa2024-02/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2024-02/
cvssv3.1	6.5	https://www.mozilla.org/security/advisories/mfsa2024-04/
ssvc	Track	https://www.mozilla.org/security/advisories/mfsa2024-04/

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0741.json
		https://api.first.org/data/v1/epss?cve=CVE-2024-0741
		https://bugzilla.mozilla.org/show_bug.cgi?id=1864587
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0741
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0742
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0746
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0747
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0749
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0750
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0751
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0753
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0755
		https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html
		https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html
		https://www.mozilla.org/security/advisories/mfsa2024-01/
		https://www.mozilla.org/security/advisories/mfsa2024-02/
		https://www.mozilla.org/security/advisories/mfsa2024-04/
2259926		https://bugzilla.redhat.com/show_bug.cgi?id=2259926
cpe:2.3:a:mozilla:firefox::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
cpe:2.3:a:mozilla:firefox_esr::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox_esr::::::::
cpe:2.3:a:mozilla:thunderbird::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
cpe:2.3:o:debian:debian_linux:10.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
CVE-2024-0741		https://nvd.nist.gov/vuln/detail/CVE-2024-0741
GLSA-202402-25		https://security.gentoo.org/glsa/202402-25
GLSA-202402-26		https://security.gentoo.org/glsa/202402-26
mfsa2024-01		https://www.mozilla.org/en-US/security/advisories/mfsa2024-01
mfsa2024-02		https://www.mozilla.org/en-US/security/advisories/mfsa2024-02
mfsa2024-04		https://www.mozilla.org/en-US/security/advisories/mfsa2024-04
RHSA-2024:0559		https://access.redhat.com/errata/RHSA-2024:0559
RHSA-2024:0565		https://access.redhat.com/errata/RHSA-2024:0565
RHSA-2024:0596		https://access.redhat.com/errata/RHSA-2024:0596
RHSA-2024:0598		https://access.redhat.com/errata/RHSA-2024:0598
RHSA-2024:0600		https://access.redhat.com/errata/RHSA-2024:0600
RHSA-2024:0601		https://access.redhat.com/errata/RHSA-2024:0601
RHSA-2024:0602		https://access.redhat.com/errata/RHSA-2024:0602
RHSA-2024:0603		https://access.redhat.com/errata/RHSA-2024:0603
RHSA-2024:0604		https://access.redhat.com/errata/RHSA-2024:0604
RHSA-2024:0605		https://access.redhat.com/errata/RHSA-2024:0605
RHSA-2024:0608		https://access.redhat.com/errata/RHSA-2024:0608
RHSA-2024:0609		https://access.redhat.com/errata/RHSA-2024:0609
RHSA-2024:0615		https://access.redhat.com/errata/RHSA-2024:0615
RHSA-2024:0616		https://access.redhat.com/errata/RHSA-2024:0616
RHSA-2024:0618		https://access.redhat.com/errata/RHSA-2024:0618
RHSA-2024:0619		https://access.redhat.com/errata/RHSA-2024:0619
RHSA-2024:0622		https://access.redhat.com/errata/RHSA-2024:0622
RHSA-2024:0623		https://access.redhat.com/errata/RHSA-2024:0623
USN-6610-1		https://usn.ubuntu.com/6610-1/
USN-6669-1		https://usn.ubuntu.com/6669-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0741.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://bugzilla.mozilla.org/show_bug.cgi?id=1864587

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/ Found at https://bugzilla.mozilla.org/show_bug.cgi?id=1864587

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/ Found at https://lists.debian.org/debian-lts-announce/2024/01/msg00015.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/ Found at https://lists.debian.org/debian-lts-announce/2024/01/msg00022.html

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-0741

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2024-0741

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.mozilla.org/security/advisories/mfsa2024-01/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/ Found at https://www.mozilla.org/security/advisories/mfsa2024-01/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.mozilla.org/security/advisories/mfsa2024-02/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/ Found at https://www.mozilla.org/security/advisories/mfsa2024-02/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Found at https://www.mozilla.org/security/advisories/mfsa2024-04/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:29Z/ Found at https://www.mozilla.org/security/advisories/mfsa2024-04/

Exploit Prediction Scoring System (EPSS)

Percentile	0.24556
EPSS Score	0.00056
Published At	Nov. 1, 2024, midnight

Date	Actor	Action	Source	VulnerableCode Version
2024-01-23T14:51:12.862245+00:00	Mozilla Importer	Import	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2024/mfsa2024-04.yml	34.0.0rc2