CVE-2024-0750

CVSS v3.1 8.8 (High)

EPSS 0.07 % (31^th)

Affected Products 4

Advisories 35

A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2024-01-23 14:15:38
(7 months ago)
Updated Date: 2024-02-02 17:14:22
(7 months ago)

Affected Products

Debian

Debian Linux

Mozilla

Firefox
Firefox Esr
Thunderbird

Configuration #1

	CPE23	Up To
Mozilla Firefox prior 122.0 version	cpe:2.3:a:mozilla:firefox	< 122.0
Mozilla Firefox Esr prior 115.7 version	cpe:2.3:a:mozilla:firefox_esr	< 115.7
Mozilla Thunderbird 115.7 and prior versions	cpe:2.3:a:mozilla:thunderbird	<= 115.7

Configuration #2

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0