CVE-2024-11698 The advisory has been revoked - it doesn't affect any version of package firefox (opens in a new tab)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-UBUNTU2004-FIREFOX-8421984
- published27 Nov 2024
- disclosed26 Nov 2024
Introduced: 26 Nov 2024
NewCVE-2024-11698 (opens in a new tab)Amendment
The Ubuntu security team deemed this advisory irrelevant for Ubuntu:20.04.
NVD Description
Note: Versions mentioned in the description apply only to the upstream firefox package and not the firefox package as distributed by Ubuntu.
A flaw in handling fullscreen transitions may have inadvertently caused the application to become stuck in fullscreen mode when a modal dialog was opened during the transition. This issue left users unable to exit fullscreen mode using standard actions like pressing "Esc" or accessing right-click menus, resulting in a disrupted browsing experience until the browser is restarted.
This bug only affects the application when running on macOS. Other operating systems are unaffected. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
References
- http://people.ubuntu.com/~ubuntu-security/cve/CVE-2024-11698
- https://bugzilla.mozilla.org/show_bug.cgi?id=1916152
- https://www.mozilla.org/security/advisories/mfsa2024-63/
- https://www.mozilla.org/security/advisories/mfsa2024-64/
- https://www.mozilla.org/security/advisories/mfsa2024-67/
- https://www.mozilla.org/security/advisories/mfsa2024-68/