CVE-2023-4578
CVSS v3.1
6.5 (Medium)
EPSS
0.07 % (30th)
Affected Products
3
Advisories
30
When calling JS::CheckRegExpSyntax
a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear
. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
Weaknesses
- CWE-770
- Allocation of Resources Without Limits or Throttling
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-09-11 09:15:09
(12 months ago) - Updated Date
-
2023-09-14 03:53:09
(12 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...