CVE-2021-23995

Summary

When Responsive Design Mode was enabled, it used references to objects that were previously freed. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.10, Thunderbird < 78.10, and Firefox < 88.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefox ESRunspecified < 78.10affected
MozillaThunderbirdunspecified < 78.10affected
MozillaFirefoxunspecified < 88affected

Weaknesses

  • Use-after-free in Responsive Design Mode

ADP Enrichment

CVE Program Container

Additional References

References