Mozilla Releases Security Updates for Firefox and Firefox ESR
Advisory addresses one critical vulnerability
Summary
Advisory addresses one critical vulnerability
Affected platforms
The following platforms are known to be affected:
Threat details
Exploitation of CVE-2024-9680
Mozilla has observed exploitation of CVE-2024-9680 in the wild.
Introduction
Mozilla has released security updates to address one critical vulnerability in Firefox and Firefox ESR.
CVE-2024-9680 is a use-after-free vulnerability in Animation timelines and has a CVSSv3 score of 9.8. Exploitation could allow a remote, unauthenticated attacker to achieve code execution.
Remediation advice
Affected organisations are encouraged to review the Mozilla Foundation Security Advisory mfsa2024-51 and apply the relevant updates.
Definitive source of threat updates
Last edited: 10 October 2024 3:51 pm