CVE-2024-6609

2024-07-0914:25:59

mozilla

www.cve.org

firefox

memory handling

vulnerability

elliptic curve

out-of-memory

EPSS

0.001

Percentile

30.6%

JSON

When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.

CNA Affected

[
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "128",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Thunderbird",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "128",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]