/
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-11704

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-11704

CGA ID

CGA-w33q-7rrj-pjv9

Severity

Unknown

Description

A double-free issue could have occurred in sec_pkcs7_decoder_start_decrypt() when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption. This vulnerability affects Firefox < 133, Thunderbird < 133, Firefox ESR < 128.7, and Thunderbird < 128.7.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs