VDB

CISA-2024-7528

CISA-2024-7528 PUBLISHED CVSS 9.8 CRITICAL

Reported by mozilla · Published August 6, 2024

Incorrect garbage collection interaction in IndexedDB could have led to a use-after-free. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.

Risk Scores

CVSS 3.1
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
MozillaFirefoxunspecified
MozillaFirefox ESRunspecified
MozillaThunderbirdunspecified
MozillaThunderbird*, unspecified
MozillaFirefox ESRunspecified, unspecified
mozillafirefox_esr0, 0
mozillafirefox0, 0
mozillathunderbird0, 0
MozillaFirefoxunspecified, unspecified

Timeline

  • Aug 6, 2024 CVE Published
  • Aug 9, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›