Lucene search

K

GoogleOSV:USN-6406-1

HistoryOct 03, 2023 - 2:04 p.m.

mozjs102 vulnerabilities

2023-10-0314:04:07

Google

osv.dev

14

spidermonkey

javascript

security

remote attacker

denial of service

arbitrary code execution

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

7.9

Confidence

Low

EPSS

0.001

Percentile

46.1%

Several security issues were discovered in the SpiderMonkey JavaScript
library. If a user were tricked into opening malicious JavaScript
applications or processing malformed data, a remote attacker could exploit
a variety of issues related to JavaScript security, including denial of
service attacks, and arbitrary code execution.

References

ubuntu.com/security/CVE-2023-4046

ubuntu.com/security/notices/USN-6406-1

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

7.9

Confidence

Low

EPSS

0.001

Percentile

46.1%

Related for OSV:USN-6406-1