Lucene search

K
ubuntucveUbuntu.comUB:CVE-2024-3860
HistoryApr 16, 2024 - 12:00 a.m.

CVE-2024-3860

2024-04-1600:00:00
ubuntu.com
ubuntu.com
7
out-of-memory condition
object initialization
firefox < 125
jit trace
vulnerability
spidermonkey
ubuntu 22.04
firefox snap

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

An out-of-memory condition during object initialization could result in an
empty shape list. If the JIT subsequently traced the object it would crash.
This vulnerability affects Firefox < 125.

Notes

Author Note
tyhicks mozjs contains a copy of the SpiderMonkey JavaScript engine
mdeslaur starting with Ubuntu 22.04, the firefox package is just a script that installs the Firefox snap

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%