Lucene search

K
prionPRIOn knowledge basePRION:CVE-2023-4578
HistorySep 11, 2023 - 9:15 a.m.

Design/Logic Flaw

2023-09-1109:15:00
PRIOn knowledge base
www.prio-n.com
4
javascript
syntax error
memory allocation
vulnerability
firefox
thunderbird
nvd

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.2%

When calling JS::CheckRegExpSyntax a Syntax Error could have been set which would end in calling convertToRuntimeErrorAndClear. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.