CVE-2024-9680 - Mozilla Firefox Use-After-Free Vulnerability
Project:Mozilla
Product:Firefox
Date Added:2024-10-15Due Date:2024-11-05Last Updated:January 29, 2026
Vulnerability Name
Mozilla Firefox Use-After-Free Vulnerability
Description
Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
https://nvd.nist.gov/vuln/detail/CVE-2024-9680
Related News Articles
Details emerge on WinRAR zero-day attacks that infected PCs with malwareAugust 11, 2025
Google Reports 75 Zero-Days Exploited in 2024 β 44% Targeted Enterprise Security ProductsApril 29, 2025
Mozilla warns Windows users of critical Firefox sandbox escape flawMarch 27, 2025
Firefox and Windows zero-days exploited by Russian RomCom hackersNovember 26, 2024
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated CyberattacksNovember 26, 2024