CVE-2024-7520

CVSS v3.1 8.8 (High)

EPSS 0.07 % (31^th)

Affected Products 3

Advisories 19

NVD Status Analyzed

A type confusion bug in WebAssembly could be leveraged by an attacker to potentially achieve code execution. This vulnerability affects Firefox < 129, Firefox ESR < 128.1, and Thunderbird < 128.1.

Weaknesses

CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')

CVE Status: PUBLISHED
NVD Status: Analyzed
CNA: Mozilla Corporation
Published Date: 2024-08-06 13:15:57
(5 weeks ago)
Updated Date: 2024-08-12 16:04:46
(5 weeks ago)

Affected Products

Mozilla

Firefox
Firefox Esr
Thunderbird

Configuration #1

	CPE23	Up To
Mozilla Firefox prior 129.0 version	cpe:2.3:a:mozilla:firefox	< 129.0
Mozilla Firefox Esr prior 128.1.0 version	cpe:2.3:a:mozilla:firefox_esr	< 128.1.0
Mozilla Thunderbird prior 128.1.0 version	cpe:2.3:a:mozilla:thunderbird	< 128.1.0