Lucene search

K
ubuntucveUbuntu.comUB:CVE-2024-3858
HistoryApr 16, 2024 - 12:00 a.m.

CVE-2024-3858

2024-04-1600:00:00
ubuntu.com
ubuntu.com
5
javascript object mutation
firefox < 125
jit crash
firefox snap
ubuntu 22.04

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

It was possible to mutate a JavaScript object so that the JIT could crash
while tracing it. This vulnerability affects Firefox < 125.

Notes

Author Note
tyhicks mozjs contains a copy of the SpiderMonkey JavaScript engine
mdeslaur starting with Ubuntu 22.04, the firefox package is just a script that installs the Firefox snap

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%