CVE-2024-7652

CVSS v3.1 7.5 (High)

EPSS 0.04 % (11^th)

Advisories 7

NVD Status Awaiting Analysis

An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

Weaknesses

CWE-476: NULL Pointer Dereference
CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')

Related CVEs

CVE-2024-43357

CVE Status: PUBLISHED
NVD Status: Awaiting Analysis
CNA: Mozilla Corporation
Published Date: 2024-09-06 19:15:12
(10 days ago)
Updated Date: 2024-09-09 13:03:38
(7 days ago)