CVE ID | Description | Severity |
CVE-2024-2615 | Memory safety bugs fixed in Firefox 124 | Critical |
CVE-2024-2605 | Windows Error Reporter could be used as a Sandbox escape vector | High |
CVE-2024-2606 | Mishandling of WASM register values | High |
CVE-2024-2607 | JIT code failed to save return registers on Armv7-A | High |
CVE-2024-2608 | Integer overflow could have led to out of bounds write | High |
CVE-2024-2614 | Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 | High |
CVE-2023-5388 | NSS susceptible to timing attack against RSA decryption | Moderate |
CVE-2024-2609 | Permission prompt input delay could expire when not in focus | Moderate |
CVE-2024-2610 | Improper handling of html and body tags enabled CSP nonce leakage | Moderate |
CVE-2024-2611 | Clickjacking vulnerability could have led to a user accidentally granting permissions | Moderate |
CVE-2024-2612 | Self referencing object could have potentially led to a use-after-free | Moderate |
CVE-2024-2613 | Improper handling of QUIC ACK frame data could have led to OOM | Low |
Patch ID | Patch description | Bulletin ID |
336919 | Mozilla Firefox (x64) (124.0) | TU-027 |
336918 | Mozilla Firefox (124.0) | TU-027 |
607000 | Mozilla Firefox For Mac (124.0) | MAC-006 |