1. Home
  2. Vulnerabilities
  3. CVE-2024-3302

CVE-2024-3302

CVSS v3.1 3.7 (Low)
37% Progress
EPSS 0.04 % (11th)
0.04% Progress
Advisories 26
NVD Status Awaiting Analysis
Info CVSS EPSS References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.

CVE Status
PUBLISHED
NVD Status
Awaiting Analysis
CNA
Mozilla Corporation
Published Date
2024-04-16 16:15:08
(5 months ago)
Updated Date
2024-07-03 02:06:08
(2 months ago)