Gentoo Linux: CVE-2024-10464: Mozilla Thunderbird: Multiple Vulnerabilities

Gentoo Linux: CVE-2024-10464: Mozilla Thunderbird: Multiple Vulnerabilities

Severity

7

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:C)

Published

10/29/2024

Created

12/10/2024

Added

12/09/2024

Modified

01/28/2025

Description

Repeated writes to history interface attributes could have been used to cause a Denial of Service condition in the browser. This was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

Solution(s)

• gentoo-linux-upgrade-mail-client-thunderbird
• gentoo-linux-upgrade-mail-client-thunderbird-bin
• gentoo-linux-upgrade-www-client-firefox
• gentoo-linux-upgrade-www-client-firefox-bin

References

• https://attackerkb.com/topics/cve-2024-10464
• CVE - 2024-10464
• 202412-06
• 202501-10