CVE-2024-3862

2024-04-1616:15:08

[email protected]

web.nvd.nist.gov

javascript engine

assignment vulnerability

firefox

5.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

The MarkStack assignment operator, part of the JavaScript engine, could access uninitialized memory if it were used in a self-assignment. This vulnerability affects Firefox < 125.

References

bugzilla.mozilla.org/show_bug.cgi?id=1884457

www.mozilla.org/security/advisories/mfsa2024-18/