vulnerability

FreeBSD: VID-f848ef90-1848-11ef-9850-001b217b3468 (CVE-2024-4367): Gitlab -- Vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

May 22, 2024

Added

May 23, 2024

Modified

Jun 15, 2026

Description

A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox less than 126, Firefox ESR less than 115.11, and Thunderbird less than 115.11.

Solutions

freebsd-upgrade-package-gitlab-cefreebsd-upgrade-package-gitlab-ee

References

CVE-2024-4367
https://attackerkb.com/topics/CVE-2024-4367
CWE-754
EUVD-EUVD-2024-1831
https://euvd.enisa.europa.eu/vulnerability/EUVD-2024-1831

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report