Security Advisory

CVE-2024-11706

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-26 13:34:01

Last updated 2024-11-26 16:32:23

Assigner mozilla

State PUBLISHED

Description

A null pointer dereference may have inadvertently occurred in `pk12util`, and specifically in the `SEC_ASN1DecodeItem_Util` function, when handling malformed or improperly formatted input files. This vulnerability affects Firefox < 133 and Thunderbird < 133.

← Browse all CVEs View on cve.org ↗