CVE-2023-29537

CVSS v3.1 7.5 (High)

EPSS 0.24 % (63^th)

Affected Products 2

Advisories 3

Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

Weaknesses

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2023-06-02 17:15:12
(15 months ago)
Updated Date: 2023-06-09 03:56:59
(15 months ago)

Affected Products

Mozilla

Firefox
Focus

Configuration #1

	CPE23	Up To
Mozilla Firefox prior 112.0 version	cpe:2.3:a:mozilla:firefox	< 112.0
Mozilla Firefox for Android prior 112.0 version	cpe:2.3:a:mozilla:firefox::::::android	< 112.0
Mozilla Focus for Android prior 112.0 version	cpe:2.3:a:mozilla:focus::::::android	< 112.0