ghsa-fm7w-6qfv-w35j
Vulnerability from github
Published
2023-09-11 09:31
Modified
2024-04-04 07:34
Severity
Details
When UpdateRegExpStatics
attempted to access initialStringHeap
it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
{ "affected": [], "aliases": [ "CVE-2023-4577" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2023-09-11T09:15:09Z", "severity": "MODERATE" }, "details": "When `UpdateRegExpStatics` attempted to access `initialStringHeap` it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox \u003c 117, Firefox ESR \u003c 115.2, and Thunderbird \u003c 115.2.", "id": "GHSA-fm7w-6qfv-w35j", "modified": "2024-04-04T07:34:50Z", "published": "2023-09-11T09:31:45Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4577" }, { "type": "WEB", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1847397" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2023-34" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2023-36" }, { "type": "WEB", "url": "https://www.mozilla.org/security/advisories/mfsa2023-38" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }
Loading...