Vulnerability in Mozilla Firefox
CVE-2024-11691
Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. *This bug only affected the application on Apple M series hardware. Other pla…
EPSS: 0.002 (44.6th percentile) — read the EPSS interpretation.
Affected products
- Mozilla Firefox — versions unspecified
- Mozilla Firefox Esr — versions unspecified
- Mozilla Thunderbird — versions unspecified
Public proof-of-concept exploits
References
- bugzilla.mozilla.org/show_bug.cgi
- bugzilla.mozilla.org/show_bug.cgi
- www.mozilla.org/security/advisories/mfsa2024-63/
- www.mozilla.org/security/advisories/mfsa2024-64/
- www.mozilla.org/security/advisories/mfsa2024-65/
- www.mozilla.org/security/advisories/mfsa2024-67/
- www.mozilla.org/security/advisories/mfsa2024-68/
- www.mozilla.org/security/advisories/mfsa2024-70/
Frequently asked questions
- What is CVE-2024-11691?
- CVE-2024-11691 is a vulnerability in Mozilla Firefox. Published 2024-11-26.
- Is CVE-2024-11691 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.