{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-9394", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2024-10-01T06:10:09.702Z", "datePublished": "2024-10-01T15:13:19.407Z", "dateUpdated": "2024-10-30T17:44:17.609Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"lessThan": "131", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "128.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Firefox ESR", "vendor": "Mozilla", "versions": [{"lessThan": "115.16", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "128.3", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"lessThan": "131", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131."}]}], "problemTypes": [{"descriptions": [{"description": "Cross-origin access to JSON contents through multipart responses", "lang": "en", "type": "text"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918874"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-46/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-47/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-48/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-49/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-50/"}], "credits": [{"lang": "en", "value": "Masato Kinugawa"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2024-10-01T15:13:19.407Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-01T18:04:59.636685Z", "id": "CVE-2024-9394", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-30T17:44:17.609Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-9394", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-01T18:04:59.636685Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T18:05:08.907Z"}}], "cna": {"credits": [{"lang": "en", "value": "Masato Kinugawa"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "131", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox ESR", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "128.3", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Firefox ESR", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "115.16", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "128.3", "versionType": "custom"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "131", "versionType": "custom"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918874"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-46/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-47/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-48/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-49/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2024-50/"}], "descriptions": [{"lang": "en", "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.", "supportingMedia": [{"type": "text/html", "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Cross-origin access to JSON contents through multipart responses"}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2024-10-01T15:13:19.407Z"}}}, "cveMetadata": {"cveId": "CVE-2024-9394", "state": "PUBLISHED", "dateUpdated": "2024-10-30T17:44:17.609Z", "dateReserved": "2024-10-01T06:10:09.702Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2024-10-01T15:13:19.407Z", "assignerShortName": "mozilla"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "DA47FFCA-3451-462C-8FFB-47143C65E65A", "versionEndExcluding": "131.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE98FB6E-21A3-4917-8806-09D3AF4FB876", "versionEndExcluding": "115.16.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*", "matchCriteriaId": "CAB84369-2EC9-42EC-A9BF-95A3EB9925C1", "versionEndExcluding": "128.3.0", "versionStartIncluding": "116.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B27464A-8C97-4D45-B7BE-CD1E3EA1DFD6", "versionEndExcluding": "128.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta:*:*:*:*:*:*", "matchCriteriaId": "1CF643F7-C722-44F1-827C-3974B45A3D0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "963ACFD6-B12A-4A66-A539-FD156C6F5220", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "B9E39014-2E8F-4E19-9575-978AB56E451A", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "28752A54-6016-4F6E-983B-CB54FEA19E5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "DA46E15E-0C2B-4F6E-8BA3-B7CB32C58D43", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:129.0:beta6:*:*:*:*:*:*", "matchCriteriaId": "90AD96F8-A88B-4B70-A4D2-CD7637DF239A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131."}, {"lang": "es", "value": "Un atacante podr\u00eda, mediante una respuesta de varias partes especialmente manipulada, ejecutar c\u00f3digo JavaScript arbitrario bajo el origen `resource://devtools`. Esto podr\u00eda permitirle acceder a contenido JSON de origen cruzado. Este acceso est\u00e1 limitado a documentos del \"mismo sitio\" por la funci\u00f3n de aislamiento de sitios en los clientes de escritorio, pero el acceso completo de origen cruzado es posible en las versiones de Android. Esta vulnerabilidad afecta a Firefox &lt; 131, Firefox ESR &lt; 128.3, Firefox ESR &lt; 115.16, Thunderbird &lt; 128.3 y Thunderbird &lt; 131."}], "id": "CVE-2024-9394", "lastModified": "2024-10-30T18:35:22.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-10-01T16:15:10.683", "references": [{"source": "security@mozilla.org", "tags": ["Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1918874"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2024-46/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2024-47/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2024-48/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2024-49/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2024-50/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:7702", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "firefox-0:128.3.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7699", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:128.3.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7700", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:128.3.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7646", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "firefox-0:128.3.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2024:7856", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "thunderbird-0:128.3.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:7703", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "firefox-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7854", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "thunderbird-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:7703", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "firefox-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7854", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "thunderbird-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:7703", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "firefox-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7854", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "thunderbird-0:128.3.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:7704", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "firefox-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:8169", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "thunderbird-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2024-10-16T00:00:00Z"}, {"advisory": "RHSA-2024:7704", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "firefox-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:8169", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "thunderbird-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2024-10-16T00:00:00Z"}, {"advisory": "RHSA-2024:7704", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "firefox-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:8169", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "thunderbird-0:128.3.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2024-10-16T00:00:00Z"}, {"advisory": "RHSA-2024:7842", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "firefox-0:128.3.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:8166", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "thunderbird-0:128.3.1-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-10-16T00:00:00Z"}, {"advisory": "RHSA-2024:7505", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:128.3.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7552", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "thunderbird-0:128.3.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7621", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "firefox-0:128.3.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2024:7855", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "thunderbird-0:128.3.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-10-09T00:00:00Z"}, {"advisory": "RHSA-2024:7622", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "firefox-0:128.3.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2024:7853", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "thunderbird-0:128.3.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-10-09T00:00:00Z"}], "bugzilla": {"description": "firefox: thunderbird: Cross-origin access to JSON contents through multipart responses", "id": "2315957", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315957"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", "status": "verified"}, "cwe": "CWE-94", "details": ["An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131.", "A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the resource://devtools origin. This could allow them to access cross-origin JSON content. This access is limited to \"same site\" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions."], "name": "CVE-2024-9394", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "firefox-flatpak-container", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "thunderbird-flatpak-container", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-10-01T15:13:19Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-9394\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-9394\nhttps://www.mozilla.org/security/advisories/mfsa2024-47/\nhttps://www.mozilla.org/security/advisories/mfsa2024-48/\nhttps://www.mozilla.org/security/advisories/mfsa2024-49/\nhttps://www.mozilla.org/security/advisories/mfsa2024-50/"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Important"}