{"uuid": "eb0f83a2-0499-4740-9e1f-5e4ece5188cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9680", "type": "exploited", "source": "https://t.me/EthicalSecure/211", "content": "\u26a1\ufe0f Firefox 131.0.2 va Tor brauzeri 13.5.7 yangilanishlari muhim zaifliklarni tuzatdi\n\nFirefox 131.0.2 , Firefox ESR 115.16.1 , Firefox ESR 128.3.1 va Tor brauzerining 13.5.7 tuzatuvchi versiyalari chop etildi, ular muhim zaiflikni (CVE-2024-9680) bartaraf etadi.\n\nUshbu zaiflik zararli kodni maxsus yaratilgan veb-sahifalarga tashrif buyurishda kontent jarayoni darajasida bajarishga imkon beradi.\n\nMuammo veb-sahifalardagi animatsiyalarni sinxronlashtirish va boshqarish uchun ishlatiladigan AnimationTimeline API-ni amalga oshirishda noto'g'ri foydalanishdan keyin bo'sh xotira bilan bog'liq.\n\nAyniqsa, xavflisi shundaki, ESET ushbu zaiflikdan haqiqiy hujumlarda foydalanish holatlarini yangilanish chiqarilishidan oldin ham aniqlagan (0 kun). Zaiflik haqida tafsilotlar hozircha oshkor etilmagan.\n\nX11/Xorg-ga asoslangan muhitda brauzerni kompozit serversiz ishga tushirishda UI elementlarining tartibsiz ko'rsatilishiga olib keladigan Firefox 131- dagi muammolar ham e'tiborga loyiqdir.", "creation_timestamp": "2025-06-24T06:30:27.000000Z"}