{"id":"CVE-2024-9680","details":"An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines. We have had reports of this vulnerability being exploited in the wild. This vulnerability affects Firefox \u003c 131.0.2, Firefox ESR \u003c 128.3.1, Firefox ESR \u003c 115.16.1, Thunderbird \u003c 131.0.1, Thunderbird \u003c 128.3.1, and Thunderbird \u003c 115.16.0.","modified":"2026-03-14T12:40:56.642475Z","published":"2024-10-09T13:15:12.090Z","related":["ALSA-2024:7958","ALSA-2024:7977","ALSA-2024:8024","ALSA-2024:8025","ALSA-2024:9552","ALSA-2024:9554","CGA-xjj7-p9jh-2wjj","MGASA-2024-0331","MGASA-2024-0334","MGASA-2024-0336","SUSE-SU-2024:3603-1","SUSE-SU-2024:3614-1","SUSE-SU-2024:3629-1","SUSE-SU-2024:3731-1","openSUSE-SU-2024:14393-1","openSUSE-SU-2024:14394-1","openSUSE-SU-2024:14397-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-9680"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-51/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2024-52/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1923344"},{"type":"REPORT","url":"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281992"},{"type":"FIX","url":"https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49039"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00005.html"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00006.html"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-9680.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"115.16.1"}]},{"events":[{"introduced":"0"},{"fixed":"131.0.2"}]},{"events":[{"introduced":"128.1.0"},{"fixed":"128.3.1"}]},{"events":[{"introduced":"0"},{"fixed":"115.16.0"}]},{"events":[{"introduced":"128.0.1"},{"fixed":"128.3.1"}]},{"events":[{"introduced":"0"},{"last_affected":"131.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}