INFSA-2024:7977: Mozilla Firefox security update
Information about definition
Identificator: INFSA-2024:7977
Type: security
Release date: 2024-10-23 10:25:23 UTC
Information about package
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
Vulnerabilities description
- CVE-2024-9680
An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox < 131.0.2, Firefox ESR < 128.3.1, Firefox ESR < 115.16.1, Thunderbird < 131.0.1, Thunderbird < 128.3.1, and Thunderbird < 115.16.0.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-9680
|
no information | 7.5 | no information |
Updated packages