CVE-2024-0748: Medium severity firefox vulnerability
Published Jan 23, 2024
·Updated
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history.
Affected Software
3 affected componentsFixes available
Mozilla Firefox<122
122
Mozilla Firefox<122.0
debian/firefox
137.0-1
Event History
Jan 23, 2024
CVE Published
via Mozilla·12:00 AM
CVE Published
via MITRE·01:48 PM
Data Sourced
via MITRE·01:48 PM
DescriptionWeakness
Data Sourced
via NVD·02:15 PM
DescriptionSeverityAffected Software
Feb 2, 2024
Data Sourced
via Launchpad·02:50 PM
Description
Sep 13, 2024
Data Sourced
via Ubuntu·03:19 PM
RemedyDescriptionSeverityAffected Software
Peer vulnerabilities
Found alongside the following vulnerabilities.
Frequently Asked Questions
1
What is the severity of CVE-2024-0748?
CVE-2024-0748 has been assigned a severity rating that reflects its potential impact on affected systems.
2
How does CVE-2024-0748 affect Mozilla Firefox?
CVE-2024-0748 affects Mozilla Firefox versions up to 122, allowing a compromised content process to alter the document URI.
3
How do I fix CVE-2024-0748?
To mitigate CVE-2024-0748, update Mozilla Firefox to version 135.0 or later.
4
Who is affected by CVE-2024-0748?
Users of Mozilla Firefox versions up to and including 122 are affected by CVE-2024-0748.
5
Can CVE-2024-0748 be exploited remotely?
Yes, CVE-2024-0748 could potentially be exploited remotely if an attacker can compromise a content process.