1. Home
  2. Vulnerabilities
  3. CVE-2024-5690

CVE-2024-5690

CVSS v3.1 4.3 (Medium)
43% Progress
EPSS 0.06 % (24th)
0.06% Progress
Affected Products 4
Advisories 34
NVD Status Analyzed
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

By monitoring the time certain operations take, an attacker could have guessed which external protocol handlers were functional on a user's system. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.

Weaknesses
CWE-203
Observable Discrepancy
CVE Status
PUBLISHED
NVD Status
Analyzed
CNA
Mozilla Corporation
Published Date
2024-06-11 13:15:50
(3 months ago)
Updated Date
2024-08-09 13:43:37
(5 weeks ago)

Affected Products

Debian

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Firefox prior 127.0 version cpe:2.3:a:mozilla:firefox < 127.0
  Mozilla Firefox Esr prior 115.12 version cpe:2.3:a:mozilla:firefox_esr < 115.12
  Mozilla Thunderbird prior 115.12 version cpe:2.3:a:mozilla:thunderbird < 115.12

Configuration #2

    CPE23 From Up To
  Debian Linux 10.0 cpe:2.3:o:debian:debian_linux:10.0