Security Advisories

CVE-2024-6609

Published

Last updated

https://nvd.nist.gov/vuln/detail/CVE-2024-6609

Severity

8.8

High

CVSS V3

Description

When almost out-of-memory an elliptic curve key which was never allocated could have been freed again. This vulnerability affects Firefox < 128 and Thunderbird < 128.

References

https://github.com/advisories/GHSA-xcm3-jhmr-9fhh
https://www.mozilla.org/security/advisories/mfsa2024-29/
https://www.mozilla.org/security/advisories/mfsa2024-32/
https://bugzilla.mozilla.org/show_bug.cgi?id=1839258
https://security-tracker.debian.org/tracker/CVE-2024-6609

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2024-6609

Severity

Description

References

Affected packages

Product

Product

Why Chainguard

Why Chainguard

Customers

Customers

Company

Company

Resources

Resources