CVE-2024-10468 — Race Condition in Mozilla Firefox

Vendor	Product	Version range	Fixed in
debian	firefox	< firefox 132.0-1 (sid)	firefox 132.0-1 (sid)
mozilla	firefox	< 132.0	132.0
mozilla	firefox	—	—
mozilla	firefox	>= 0 < 132.0+build1-0ubuntu0.20.04.1	132.0+build1-0ubuntu0.20.04.1
mozilla	firefox	>= unspecified < 132	132
mozilla	thunderbird	< 132.0	132.0
mozilla	thunderbird	>= 0 < 1:140.7.1+build1-0ubuntu0.22.04.1	1:140.7.1+build1-0ubuntu0.22.04.1
mozilla	thunderbird	>= unspecified < 132	132

Ubuntu

Thunderbird vulnerabilities

vendor_ubuntu·2026-02-02

CVE-2025-8031 Thunderbird vulnerabilities Title: Thunderbird vulnerabilities Summary: Several security issues were fixed in Thunderbird. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Instructions: In general, a standard system update will make all the necessary changes.

Ubuntu

Firefox vulnerabilities

vendor_ubuntu·2024-10-31·CVSS 7.5

CVE-2024-10459 [HIGH] Firefox vulnerabilities Title: Firefox vulnerabilities Summary: Several security issues were fixed in Firefox. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-10458 CVE-2024-10459, CVE-2024-10460, CVE-2024-10461, CVE-2024-10462, CVE-2024-10463, CVE-2024-10464, CVE-2024-10465, CVE-2024-10466, CVE-2024-10467, CVE-2024-10468) Instructions: After a standard system update you need to restart Firefox to make all the necessary changes.

Red Hat

thunderbird: Race conditions in IndexedDB

vendor_redhat·2024-10-29·CVSS 5.3

CVE-2024-10468 [MEDIUM] CWE-400 thunderbird: Race conditions in IndexedDB thunderbird: Race conditions in IndexedDB Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132 and Thunderbird < 132. A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. Statement: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. Package: thunderbird (Red Hat Enterprise Linux 6) - Not affected Package: thunderbird (Red Hat Enterprise Linux 7) - Not affected Package: thunderbird (Red Hat Enterprise Linux 8) - Not affected Package: thunderbird (

Debian

CVE-2024-10468: firefox - Potential race conditions in IndexedDB could have caused memory corruption, lead...

vendor_debian·2024·CVSS 5.3

CVE-2024-10468 [MEDIUM] CVE-2024-10468: firefox - Potential race conditions in IndexedDB could have caused memory corruption, lead... Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132 and Thunderbird < 132. Scope: local sid: resolved (fixed in 132.0-1)

Mozilla

Mozilla Foundation Security Advisory 2024-55: CVE-2024-10468

vendor_mozilla·CVSS 5.3

CVE-2024-10468 [MEDIUM] Mozilla Foundation Security Advisory 2024-55: CVE-2024-10468 Mozilla Foundation Security Advisory 2024-55 CVE: CVE-2024-10468 Product: Firefox Impact: moderate Fixed in: Firefox 132

Mozilla

Mozilla Foundation Security Advisory 2024-59: CVE-2024-10468

vendor_mozilla·CVSS 5.3

CVE-2024-10468 [MEDIUM] Mozilla Foundation Security Advisory 2024-59: CVE-2024-10468 Mozilla Foundation Security Advisory 2024-59 CVE: CVE-2024-10468 Product: Thunderbird Impact: moderate Fixed in: Thunderbird 132

OSV

firefox vulnerabilities

osv·2024-10-31·CVSS 7.5

CVE-2024-10458 [HIGH] firefox vulnerabilities firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-10458 CVE-2024-10459, CVE-2024-10460, CVE-2024-10461, CVE-2024-10462, CVE-2024-10463, CVE-2024-10464, CVE-2024-10465, CVE-2024-10466, CVE-2024-10467, CVE-2024-10468)

OSV

CVE-2024-10468: Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash

osv·2024-10-29·CVSS 5.3

CVE-2024-10468 [MEDIUM] CVE-2024-10468: Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132 and Thunderbird < 132.

GHSA

GHSA-xhw3-h8gq-2w23: Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash

ghsa_unreviewed·2024-10-29

CVE-2024-10468 [CRITICAL] CWE-362 GHSA-xhw3-h8gq-2w23: Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132 and Thunderbird < 132.

CVE-2024-10468: Potential race conditions in IndexedDB could have caused memory corruption, leading to a potentially exploitable crash. This vulnerability affects Firefox <…

Affected

CVSS provenance