CVE-2024-2608

EPSS 0.04 % (11^th)

Advisories 32

NVD Status Awaiting Analysis

AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding() and AppendEncodedCharacters() could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

Weaknesses

CWE-680: Integer Overflow to Buffer Overflow

CVE Status: PUBLISHED
NVD Status: Awaiting Analysis
CNA: Mozilla Corporation
Published Date: 2024-03-19 12:15:08
(6 months ago)
Updated Date: 2024-07-03 01:53:22
(2 months ago)