vulnerability
Oracle Linux: CVE-2024-2609: ELSA-2024-1908: firefox security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:P/A:N) | Apr 16, 2024 | Apr 18, 2024 | Jan 7, 2025 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
Apr 16, 2024
Added
Apr 18, 2024
Modified
Jan 7, 2025
Description
The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR < 115.10, and Thunderbird < 115.10.
The Mozilla Foundation Security Advisory describes this flaw as:
The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites.
The Mozilla Foundation Security Advisory describes this flaw as:
The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites.
Solutions
oracle-linux-upgrade-firefoxoracle-linux-upgrade-firefox-x11
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.