CVE-2023-5171
CVSS v3.1
6.5 (Medium)
EPSS
0.09 % (40th)
Affected Products
5
Advisories
31
During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.
Weaknesses
- CWE-416
- Use After Free
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2023-09-27 15:19:42
(11 months ago) - Updated Date
-
2023-10-12 02:52:09
(11 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...