Mozilla · Thunderbird · CVE-2024-8394
**Name of the Vulnerable Software and Affected Versions**
Thunderbird versions prior to 128.2
**Description**
The issue is related to a use-after-free bug that could be triggered when aborting the verification of an OTR chat session, potentially leading to a crash. This could be exploited by a remote attacker to cause a denial of service.
**Recommendations**
For versions prior to 128.2, update to version 128.2 or later to resolve the issue.