CVE-2024-11705

EPSS 0.26% · P49 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-11705

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

`NSC_DeriveKey` inadvertently assumed that the `phKey` parameter is always non-NULL. When it was passed as NULL, a segmentation fault (SEGV) occurred, leading to crashes. This behavior conflicted with the PKCS#11 v3.0 specification, which allows `phKey` to be NULL for certain mechanisms. This vulnerability affects Firefox < 133 and Thunderbird < 133.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Mozilla Firefox 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 133之前版本存在安全漏洞。攻击者利用该漏洞可以导致程序崩溃。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Mozilla	Firefox	unspecified ~ 133	-
Mozilla	Thunderbird	unspecified ~ 133	-

II. Public POCs for CVE-2024-11705

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-11705

请登录查看更多情报信息。

Same Patch Batch · Mozilla · 2024-11-26 · 22 CVEs total

CVE-2024-11694		Mozilla Firefox 安全漏洞
CVE-2024-53976		Mozilla Firefox 安全漏洞
CVE-2024-53975		Mozilla Firefox 安全漏洞
CVE-2024-11699		Mozilla Firefox 安全漏洞
CVE-2024-11708		Mozilla Firefox 安全漏洞
CVE-2024-11706		Mozilla Firefox 安全漏洞
CVE-2024-11698		Mozilla Firefox 安全漏洞
CVE-2024-11704		Mozilla Firefox 安全漏洞
CVE-2024-11697		Mozilla Firefox 安全漏洞
CVE-2024-11696		Mozilla Firefox 安全漏洞
CVE-2024-11703		Mozilla Firefox 安全漏洞
CVE-2023-1521		Local Privilege Escalation in sccache
CVE-2024-11693		Mozilla Firefox 安全漏洞
CVE-2024-11695		Mozilla Firefox 安全漏洞
CVE-2024-11692		Mozilla Firefox 安全漏洞
CVE-2024-11701		Mozilla Firefox 安全漏洞
CVE-2024-11702		Mozilla Firefox 安全漏洞
CVE-2024-11700		Mozilla Firefox 安全漏洞
CVE-2024-11691		Mozilla Firefox 安全漏洞
CVE-2023-0163		Prototype Pollution in convict

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Firefox

Same vendor: Mozilla

V. Comments for CVE-2024-11705

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-11705

I. Basic Information for CVE-2024-11705

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-11705

III. Intelligence Information for CVE-2024-11705

Same Patch Batch · Mozilla · 2024-11-26 · 22 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-11705

Leave a comment