Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:35028
HistoryApr 09, 2022 - 10:44 p.m.

Use After Free

2022-04-0922:44:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

firefox is vulnerable to use after free. The vulnerability exists when a use-after-free could is triggered using a link with rel=“localization” by destroying an object during JavaScript execution and then referencing the object through a freed pointer which causes an application crash.

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H