Lucene search

K
cvelistMozillaCVELIST:CVE-2023-5172
HistorySep 27, 2023 - 2:13 p.m.

CVE-2023-5172

2023-09-2714:13:33
mozilla
www.cve.org
firefox
ion engine
use-after-free
vulnerability
exploitable
crash
hashtable

9.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.9%

A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.

CNA Affected

[
  {
    "product": "Firefox",
    "vendor": "Mozilla",
    "versions": [
      {
        "lessThan": "118",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

9.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.9%