1 matches found
mozilla: Use-after-free in JavaScript garbage collection
The Mozilla Foundation Security Advisory describes this flaw as: Unexpected marking work at the start of sweeping could have led to a use-after-free...