CVE-2023-4574
CVSS v3.1
6.5 (Medium)
EPSS
0.08 % (36th)
Affected Products
3
Advisories
34
When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.
Weaknesses
- CWE-416
- Use After Free
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-09-11 09:15:09
(12 months ago) - Updated Date
-
2023-09-13 11:15:10
(12 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...