CVE-2024-0743
CVE Details
Visit the official vulnerability details page for CVE-2024-0743 to learn more.
Initial Publication
10/26/2024
Last Update
12/16/2024
Third Party Dependency
nss-libs
NIST CVE Summary
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.9, and Thunderbird < 115.9.
CVE Severity
Our Official Summary
An unchecked return value in TLS handshake code could cause a potentially exploitable crash in certain versions of Firefox. This CVE is reported on container images where there are no reported instances of TLS handshake code causing crashes. Risk of this vulnerability getting exploited in Spectro Cloud products is low. Need an update from the 3rd party vendor to fix the vulnerability.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.5.15 | ⚠️ Impacted | ⚠️ Impacted | ✅ No Impact | ✅ No Impact |
| 4.5.10 | ⚠️ Impacted | ⚠️ Impacted | ✅ No Impact | ✅ No Impact |
| 4.5.8 | ⚠️ Impacted | ⚠️ Impacted | ✅ No Impact | ✅ No Impact |
| 4.5.5 | ⚠️ Impacted | ⚠️ Impacted | ✅ No Impact | ✅ No Impact |
| 4.5.4 | ⚠️ Impacted | ⚠️ Impacted | ✅ No Impact | ✅ No Impact |
| 4.4.20 | ⚠️ Impacted | ⚠️ Impacted | ✅ No Impact | ✅ No Impact |
Revision History
| Date | Revision |
|---|---|
| 12/16/2024 | Impacted versions changed from 4.5.4, 4.5.5, 4.5.8, 4.4.20, 4.5.10 to 4.5.4, 4.5.5, 4.5.8, 4.4.20, 4.5.10, 4.5.15 |
| 11/15/2024 | Impacted versions changed from 4.5.4, 4.5.5, 4.5.8, 4.4.20 to 4.5.4, 4.5.5, 4.5.8, 4.4.20, 4.5.10 |
| 11/13/2024 | Impacted versions changed from 4.5.4, 4.5.5, 4.5.8 to 4.5.4, 4.5.5, 4.5.8, 4.4.20 |
| 11/12/2024 | Impacted versions changed from 4.5.4, 4.5.5 to 4.5.4, 4.5.5, 4.5.8 |
| 10/27/2024 | Impacted versions changed from 4.5.4 to 4.5.4, 4.5.5 |