UBUNTU-CVE-2024-8388

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2024-8388

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-8388.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2024-8388

Related

CVE-2024-8388

Published

2024-09-03T13:15:00Z

Modified

2024-09-03T13:15:00Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

Multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode after the fix for CVE-2023-6870 in Firefox 121. This could lead to spoofing the browser UI if the sudden appearance of the prompt distracted the user from noticing the visual transition happening behind the prompt. These notifications now use the Android Toast feature. This bug only affects Firefox on Android. Other operating systems are unaffected. This vulnerability affects Firefox < 130.

References

Affected packages

Ubuntu:Pro:18.04:LTS / mozjs52

Package

Name: mozjs52

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

52.*

52.3.1-0ubuntu3

52.3.1-7fakesync1

52.8.1-0ubuntu0.18.04.1

52.9.1-0ubuntu0.18.04.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / mozjs38

Package

Name: mozjs38

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

38.*

38.8.0~repack1-0ubuntu1

38.8.0~repack1-0ubuntu3

38.8.0~repack1-0ubuntu4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / mozjs52

Package

Name: mozjs52

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

52.*

52.9.1-1build1

52.9.1-1ubuntu3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / mozjs68

Package

Name: mozjs68

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

68.*

68.5.0-1~fakesync

68.5.0-2~fakesync

68.6.0-1

68.6.0-1ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / thunderbird

Package

Name: thunderbird

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:68.*

1:68.1.2+build1-0ubuntu1

1:68.1.2+build1-0ubuntu2

1:68.2.1+build1-0ubuntu1

1:68.2.2+build1-0ubuntu1

1:68.3.0+build2-0ubuntu1

1:68.3.1+build1-0ubuntu2

1:68.4.1+build1-0ubuntu1

1:68.4.2+build2-0ubuntu1

1:68.5.0+build1-0ubuntu1

1:68.6.0+build2-0ubuntu1

1:68.7.0+build1-0ubuntu1

1:68.7.0+build1-0ubuntu2

1:68.8.0+build2-0ubuntu0.20.04.2

1:68.10.0+build1-0ubuntu0.20.04.1

1:78.*

1:78.7.1+build1-0ubuntu0.20.04.1

1:78.8.1+build1-0ubuntu0.20.04.1

1:78.11.0+build1-0ubuntu0.20.04.2

1:78.13.0+build1-0ubuntu0.20.04.2

1:78.14.0+build1-0ubuntu0.20.04.1

1:78.14.0+build1-0ubuntu0.20.04.2

1:91.*

1:91.5.0+build1-0ubuntu0.20.04.1

1:91.7.0+build2-0ubuntu0.20.04.1

1:91.8.1+build1-0ubuntu0.20.04.1

1:91.9.1+build1-0ubuntu0.20.04.1

1:91.11.0+build2-0ubuntu0.20.04.1

1:102.*

1:102.2.2+build1-0ubuntu0.20.04.1

1:102.4.2+build2-0ubuntu0.20.04.1

1:102.7.1+build2-0ubuntu0.20.04.1

1:102.8.0+build2-0ubuntu0.20.04.1

1:102.9.0+build1-0ubuntu0.20.04.1

1:102.10.0+build2-0ubuntu0.20.04.1

1:102.11.0+build1-0ubuntu0.20.04.1

1:102.13.0+build1-0ubuntu0.20.04.1

1:102.15.0+build1-0ubuntu0.20.04.1

1:102.15.1+build1-0ubuntu0.20.04.1

1:115.*

1:115.3.1+build1-0ubuntu0.20.04.1

1:115.4.1+build1-0ubuntu0.20.04.1

1:115.5.0+build1-0ubuntu0.20.04.1

1:115.6.0+build2-0ubuntu0.20.04.1

1:115.8.1+build1-0ubuntu0.20.04.1

1:115.9.0+build1-0ubuntu0.20.04.1

1:115.10.1+build1-0ubuntu0.20.04.1

1:115.11.0+build2-0ubuntu0.20.04.1

1:115.12.0+build3-0ubuntu0.20.04.1

1:115.13.0+build5-0ubuntu0.20.04.1

1:115.15.0+build1-0ubuntu0.20.04.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / mozjs102

Package

Name: mozjs102

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

102.*

102.11.0-0ubuntu0.22.04.1

102.12.0-0ubuntu0.22.04.1

102.13.0-0ubuntu0.22.04.1

102.15.1-0ubuntu0.22.04.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / mozjs78

Package

Name: mozjs78

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

78.*

78.13.0-1

78.15.0-2

78.15.0-4ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / mozjs91

Package

Name: mozjs91

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

91.*

91.5.1-0ubuntu1

91.6.0-1

91.6.0-2

91.7.0-2

91.10.0-0ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / thunderbird

Package

Name: thunderbird

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:91.*

1:91.1.2+build1-0ubuntu1

1:91.3.0+build2-0ubuntu1

1:91.3.1+build1-0ubuntu1

1:91.3.2+build1-0ubuntu1

1:91.4.0+build1.1-0ubuntu1

1:91.4.0+build2-0ubuntu1

1:91.5.0+build1-0ubuntu1

1:91.5.1+build1-0ubuntu1

1:91.6.1+build1-0ubuntu1

1:91.7.0+build1-0ubuntu1

1:91.7.0+build2-0ubuntu1

1:91.8.0+build2-0ubuntu1

1:91.9.1+build1-0ubuntu0.22.04.1

1:91.11.0+build2-0ubuntu0.22.04.1

1:102.*

1:102.2.2+build1-0ubuntu0.22.04.1

1:102.4.2+build2-0ubuntu0.22.04.1

1:102.7.1+build2-0ubuntu0.22.04.1

1:102.8.0+build2-0ubuntu0.22.04.1

1:102.9.0+build1-0ubuntu0.22.04.1

1:102.10.0+build2-0ubuntu0.22.04.1

1:102.11.0+build1-0ubuntu0.22.04.1

1:102.13.0+build1-0ubuntu0.22.04.1

1:102.15.0+build1-0ubuntu0.22.04.1

1:102.15.1+build1-0ubuntu0.22.04.1

1:115.*

1:115.3.1+build1-0ubuntu0.22.04.2

1:115.4.1+build1-0ubuntu0.22.04.1

1:115.5.0+build1-0ubuntu0.22.04.1

1:115.6.0+build2-0ubuntu0.22.04.1

1:115.8.1+build1-0ubuntu0.22.04.1

1:115.9.0+build1-0ubuntu0.22.04.1

1:115.10.1+build1-0ubuntu0.22.04.1

1:115.11.0+build2-0ubuntu0.22.04.1

1:115.12.0+build3-0ubuntu0.22.04.1

1:115.13.0+build5-0ubuntu0.22.04.1

1:115.15.0+build1-0ubuntu0.22.04.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / mozjs102

Package

Name: mozjs102

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

102.*

102.15.1-1

102.15.1-3ubuntu2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / mozjs115

Package

Name: mozjs115

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

115.*

115.3.0-0ubuntu1

115.4.0-2

115.5.0-1

115.6.0-1

115.7.0-4

115.8.0-1

115.9.0-1

115.9.0-1build1

115.10.0-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}