alpine · CVE-2024-7526

Quick triage

Priority: high Published: Updated:

View at Official alpine advisory, NVD, CVE.org · CVE detail

Freshness: no update timestamp found; verify against the upstream OS advisory manually.

Tracker summary

CVE-2024-7526: 3 source package rows (firefox, firefox-esr, thunderbird); 315 state rows across 3 repos (3.20-community, 3.22-community, edge-community); fixed 0, open 315.

Description:

ANGLE failed to initialize parameters which led to reading from uninitialized memory. This could be leveraged to leak sensitive data from memory. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.

cvelogic Threat Intelligence