{"id":"CVE-2024-6603","details":"In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox \u003c 128, Firefox ESR \u003c 115.13, Thunderbird \u003c 115.13, and Thunderbird \u003c 128.","modified":"2026-03-15T14:51:47.009456Z","published":"2024-07-09T15:15:12.533Z","related":["ALSA-2024:4500","ALSA-2024:4517","ALSA-2024:4624","ALSA-2024:4635","CGA-qwf4-ww5f-7f39","MGASA-2024-0269","MGASA-2024-0274","SUSE-SU-2024:2371-1","SUSE-SU-2024:2399-1","SUSE-SU-2024:2790-1","SUSE-SU-2024:2876-1","SUSE-SU-2024:3003-1","SUSE-SU-2024:3507-1","openSUSE-SU-2024:14189-1","openSUSE-SU-2024:14197-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-29/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-30/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-31/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-32/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1895081"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"115.13"}]},{"events":[{"introduced":"0"},{"fixed":"128.0"}]},{"events":[{"introduced":"0"},{"fixed":"115.13"}]},{"events":[{"introduced":"116.0"},{"fixed":"128.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-6603.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}