Search for vulnerabilities
Vulnerability details: VCID-tqrd-mhw4-aaah
Vulnerability ID VCID-tqrd-mhw4-aaah
Aliases CVE-2024-5688
Summary If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
cvssv3 7.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5688.json
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00359 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00742 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.00769 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.0103 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.0103 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.01208 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
epss 0.0244 https://api.first.org/data/v1/epss?cve=CVE-2024-5688
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2024-25
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2024-26
generic_textual high https://www.mozilla.org/en-US/security/advisories/mfsa2024-28
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5688.json
https://api.first.org/data/v1/epss?cve=CVE-2024-5688
https://bugzilla.mozilla.org/show_bug.cgi?id=1895086
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5688
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5690
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5693
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5700
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5702
https://lists.debian.org/debian-lts-announce/2024/06/msg00000.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00010.html
https://www.mozilla.org/security/advisories/mfsa2024-25/
https://www.mozilla.org/security/advisories/mfsa2024-26/
https://www.mozilla.org/security/advisories/mfsa2024-28/
2291395 https://bugzilla.redhat.com/show_bug.cgi?id=2291395
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
CVE-2024-5688 https://nvd.nist.gov/vuln/detail/CVE-2024-5688
mfsa2024-25 https://www.mozilla.org/en-US/security/advisories/mfsa2024-25
mfsa2024-26 https://www.mozilla.org/en-US/security/advisories/mfsa2024-26
mfsa2024-28 https://www.mozilla.org/en-US/security/advisories/mfsa2024-28
RHSA-2024:3949 https://access.redhat.com/errata/RHSA-2024:3949
RHSA-2024:3950 https://access.redhat.com/errata/RHSA-2024:3950
RHSA-2024:3951 https://access.redhat.com/errata/RHSA-2024:3951
RHSA-2024:3952 https://access.redhat.com/errata/RHSA-2024:3952
RHSA-2024:3953 https://access.redhat.com/errata/RHSA-2024:3953
RHSA-2024:3954 https://access.redhat.com/errata/RHSA-2024:3954
RHSA-2024:3955 https://access.redhat.com/errata/RHSA-2024:3955
RHSA-2024:3958 https://access.redhat.com/errata/RHSA-2024:3958
RHSA-2024:3972 https://access.redhat.com/errata/RHSA-2024:3972
RHSA-2024:4001 https://access.redhat.com/errata/RHSA-2024:4001
RHSA-2024:4002 https://access.redhat.com/errata/RHSA-2024:4002
RHSA-2024:4003 https://access.redhat.com/errata/RHSA-2024:4003
RHSA-2024:4004 https://access.redhat.com/errata/RHSA-2024:4004
RHSA-2024:4015 https://access.redhat.com/errata/RHSA-2024:4015
RHSA-2024:4016 https://access.redhat.com/errata/RHSA-2024:4016
RHSA-2024:4018 https://access.redhat.com/errata/RHSA-2024:4018
RHSA-2024:4036 https://access.redhat.com/errata/RHSA-2024:4036
RHSA-2024:4063 https://access.redhat.com/errata/RHSA-2024:4063
USN-6840-1 https://usn.ubuntu.com/6840-1/
USN-6862-1 https://usn.ubuntu.com/6862-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5688.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.11214
EPSS Score 0.00044
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-06-11T16:46:18.701457+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2024/mfsa2024-25.yml 34.0.0rc4