Wind River Support Network

HomeDefectsLIN1022-7130
Not to be fixed

LIN1022-7130 : Security Advisory - firefox - CVE-2024-2610

Created: Mar 19, 2024    Updated: Apr 8, 2024
Resolved Date: Apr 7, 2024
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Userspace

Description

Using a markup injection an attacker could have stolen nonce values. This could have been used to bypass strict content security policies. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

CREATE(Triage):(User=admin) CVE-2024-2610 (https://nvd.nist.gov/vuln/detail/CVE-2024-2610)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube