CVE-2024-9680

🗓️ 10 Oct 2024 00:00:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 13 Views

Security issue in mozjs* due to unpatchable SpiderMonkey JavaScript engine vulnerabilities noted.

Reporter	Title	Published	Views	Family All 319
FreeBSD	firefox -- use-after-free code execution	9 Oct 202400:00	–	freebsd
GithubExploit	Exploit for Use After Free in Mozilla Firefox	17 Oct 202416:10	–	githubexploit
ATTACKERKB	CVE-2024-9680	9 Oct 202400:00	–	attackerkb
Tenable Nessus	Amazon Linux 2 : firefox (ALASFIREFOX-2024-031)	1 Nov 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : firefox (ALSA-2024:7958)	15 Oct 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : firefox (ALSA-2024:7977)	15 Oct 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : thunderbird (ALSA-2024:8024)	15 Oct 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : thunderbird (ALSA-2024:8025)	15 Oct 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : thunderbird (ALSA-2024:9552)	19 Nov 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : firefox (ALSA-2024:9554)	19 Nov 202400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	20.04	any	firefox	131.0.2+build1-0ubuntu0.20.04.1	firefox_131.0.2+build1-0ubuntu0.20.04.1_any.deb
Ubuntu	20.04	any	thunderbird	1:115.16.0+build2-0ubuntu0.20.04.1	thunderbird_1:115.16.0+build2-0ubuntu0.20.04.1_any.deb
Ubuntu	22.04	any	thunderbird	1:115.16.0+build2-0ubuntu0.22.04.1	thunderbird_1:115.16.0+build2-0ubuntu0.22.04.1_any.deb

Source	Link
cve	www.cve.org/CVERecord
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
mozilla	www.mozilla.org/security/advisories/mfsa2024-51/
ubuntu	www.ubuntu.com/security/notices/USN-7065-1
ubuntu	www.ubuntu.com/security/notices/USN-7066-1
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

26 Aug 2025 10:55Current

7.7High risk

Vulners AI Score7.7

CVSS 3.19.8

EPSS0.30808

SSVC

cve 2024 9680 mozjs package spidermonkey engine security fixes ubuntu 22.04 firefox snap thunderbird snap