Lucene search

K
cvelistMozillaCVELIST:CVE-2023-5172
HistorySep 27, 2023 - 2:13 p.m.

CVE-2023-5172

2023-09-2714:13:33
mozilla
www.cve.org
5
firefox
ion engine
use-after-free
vulnerability
exploitable
crash
hashtable

AI Score

9.2

Confidence

High

EPSS

0.001

Percentile

29.9%

A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.

CNA Affected

[
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "118",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]