CVE-2024-4771

2024-05-1418:15:14

[email protected]

web.nvd.nist.gov

firefox

memory allocation

vulnerability

code execution

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

8.8%

JSON

A memory allocation check was missing which would lead to a use-after-free if the allocation failed. This could have triggered a crash or potentially be leveraged to achieve code execution. This vulnerability affects Firefox < 126.

Affected configurations

Vulners

Node

mozillafirefoxRange≤126

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::

CNA Affected

[
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "126",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]