CVE ID
|
Description
|
Severity
|
CVE-2024-2615
|
Memory safety bugs fixed in Firefox 124
|
Critical
|
CVE-2024-2605
|
Windows Error Reporter could be used as a Sandbox escape vector
|
High
|
CVE-2024-2606
|
Mishandling of WASM register values
|
High
|
CVE-2024-2607
|
JIT code failed to save return registers on Armv7-A
|
High
|
CVE-2024-2608
|
Integer overflow could have led to out of bounds write
|
High
|
CVE-2024-2614
|
Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
|
High
|
CVE-2023-5388
|
NSS susceptible to timing attack against RSA decryption
|
Moderate
|
CVE-2024-2609
|
Permission prompt input delay could expire when not in focus
|
Moderate
|
CVE-2024-2610
|
Improper handling of html and body tags enabled CSP nonce leakage
|
Moderate
|
CVE-2024-2611
|
Clickjacking vulnerability could have led to a user accidentally granting permissions
|
Moderate
|
CVE-2024-2612
|
Self referencing object could have potentially led to a use-after-free
|
Moderate
|
CVE-2024-2613
|
Improper handling of QUIC ACK frame data could have led to OOM
|
Low
|
Patch ID
|
Patch description |
Bulletin ID
|
336919
|
Mozilla Firefox (x64) (124.0)
|
TU-027
|
336918
|
Mozilla Firefox (124.0)
|
TU-027
|
607000
|
Mozilla Firefox For Mac (124.0)
|
MAC-006
|